Rotate Keyfile
On this page
- OAuth 2.0 authentication for programmatic access to Cloud Manager is available as a Preview feature.
- The feature and the corresponding documentation might change at any time during the Preview period. To use OAuth 2.0 authentication, create a service account to use in your requests to the Cloud Manager Public API.
If your cluster uses keyfile authentication, it is recommended that you rotate the keyfile periodically. Cloud Manager provides an automated procedure for keyfile rotation with no downtime.
To rotate the keyfile using the API instead of the user interface, see Rotate a Key File with the API.
Prerequisites
To perform a rolling keyfile rotation:
Authentication must be enabled.
At least one cluster in the project must be configured with the clusterAuthMode option set to
keyFileorsendKeyFile.All clusters in the project must be running MongoDB version 4.2 or higher.
Procedure
In MongoDB Cloud Manager, go to the Deployment page for your project.
If it is not already displayed, select the organization that contains your desired project from the Organizations menu in the navigation bar.
If it's not already displayed, select your desired project from the Projects menu in the navigation bar.
If the Deployment page is not already displayed, click Deployment in the sidebar.
The Deployment page displays.
Go to the Security page.
Click the Security tab for your deployment.
The Security page displays.
Go to the Security Settings dialog for your deployment.
Do one of the following actions:
If this is your first time configuring TLS, authentication, or authorization settings for this project, click Get Started.
If you have already configured TLS authentication, or authorization settings for this project, click Edit.