A leader in the Human Resources and Recruitment Optimization space has expanded its operations to new AWS regions and requires a manageable, dynamic, and secure way to manage access and to adhere to customer requirements while maintaining operational needs.
![MongoDB temporary access to production – Apono](https://www.apono.io/wp-content/uploads/2023/01/IMG-Article-Page-1024x634.png)
The Challenge
The company would like to provide developers access to MongoDBs on its production environment. To comply with customer compliance restrictions and to prevent human error, it requires:
Right-Size IAM – Grants developers “Just-Enough” access to resources for a “Just-in-Time” duration, reducing the chance of human-error and adhering to customer requirements.
For example:
Read-only Access to Production MongoDBs – On demand Via ChatOps
Read/Write Access to Production MongoDBs – On demand Via ChatOps with Approval
The company needed a robust solution that would provide the following:
- Scalability –The company had developed an internal solution that was not able to meet its growth. It requires a solution that can meet any scale of operations.
- Full Audit Trail – A solution that will document each step of the request/approve process including access justification, enabling full transparency of customer production access whenever it is required.
- One-Stop-Shop – A single solution that will manage permissions across all of the organization’s cloud resources:
- MongoDB
- Kubernetes
- S3
- PostgreSQL
- ElasticSearch
“We rely heavily on MongoDB in our production environment. Managing access to it has proven to be a challenge to say the least. Our internal solution had its glory days but was unable to meet our welcomed growth.”
DevOps Lead @ HR Company
The Solution – Apono Dynamic Access Flow
Using Apono’s platform, the company now has the ability to meet all the project requirements:
Automatic granting of Read access to developers who are within context and belong to the designated group, see access flow below:
ChatOps – Using the organization’s Slack tool, developers can now request Read/Write access in a simple, intuitive way.
- Scalability – Apono’s access flows can meet any scale and do not require adjustment according to growth.
- Full Audit Trail – Each action taken by the requester or approver and justification is recorded and can be viewed.
- Centralized Management to all cloud resources improves DevOps productivity while reducing MTTR.