I’ll need some help to understand MongoDB Atlas encryption.
I have an Atlas subscription for M10 cluster, encryption at rest enabled on it using Azure Key Vault and a database is created on the same cluster. My understanding is as the data is encrypted at rest, plain text in database should not be displayed when I access the database from Atlas or Compass (Enterprise). But as my IP is whitelist I am able to read the data as is, and if it’s not, connection to the cluster fails from MongoDB Compass.
Is there a way to prevent users from reading plain text without performing CSFLE? OR
Does MongoDB Atlas provide a feature that doesn’t display plain text to any user role?
If yes, can that be enabled for admin user role as well? OR can custom role setup restrict users from reading plain text?
As per the documentations, disk level encryption ensures that the files at rest are encrypted, is there a way to access those encrypted files on/from Atlas itself?
Also, can we arrange a call with the support team to discuss our queries in detail? If yes, could you please provide the details to contact support team directly and arrange a call, if and when required?