Skip to content
AskFlorence
Main Navigation ArchitectureFlorence AIAgentsMembersAgent PlatformValidationInfrastructure

Appearance

Sidebar Navigation

Overview

Home

Glossary

System Architecture

Consumer & Agent Flow

Florence AI

Overview

Principles

Runtime

Tool surface

Adding a tool

Tool registry

Knowledge: SBC scenarios & CSR

Voice

Evals & observability

Provider risk & portability

Outage playbook

Roadmap

Build plan

Agents

Overview

Workflows & pain points

Members

Overview

Medicaid coverage gap

Carriers

Overview

Marketplaces

Overview

Agency

Overview

Regulations

Overview

Agent Platform

Overview

Auth Architecture

MongoDB Permissioning

Compliance Model

Data Models

Data Sources

Overview

CMS Marketplace API

CMS dependency map

PUF Data

State Subsidies

SBE Ingestion Playbook

SBE State Watchouts + Decisions

CA Phase C/D Playbook

NY Phase C/D Playbook

Validation

Overview

Methodology

APTC Formula

California 2026

New York 2026

CAPS Formula

Scenario Results

Infrastructure

Account Inventory

AWS Setup Runbook

AWS Organizations

CloudTrail

GuardDuty

Security Hub

Config

CloudFront + WAFv2

Data sources & ingest

Phase 4 DNS

Change Log

Vulnerability Management

MongoDB Setup

Access Control

Data Classification

Documentation Hosting

Post-deploy Smoke

Development

Preflight (local CI mirror)

Testing strategy

Compliance

Overview (auditor entry point)

SOC 2 Control Mapping

HIPAA Control Mapping

CMS EDE Appendix A Mapping

Risk Assessment

Encryption Policy

Data Retention Policy

Privacy Impact Assessment

Consent Capture & Versioning

Incident Response Plan

Access Control Policy

Marketing vs. Portal Analytics

Vendor / Subprocessor Register

Dependency Vulnerability Policy

BAA / Compliance Evidence

Compliance-Automation Integration

Compliance-Automation Vendor Evaluation

Penetration Test Reports

Architecture

Portal entry handoff

Mobile app strategy

Deferred architecture decisions

Session cookie architecture

Share flows

Decisions (ADRs)

Index

0001 — Atlas project isolation

0002 — Append-only audit log

0003 — Narrow-scoped Mongo users

0004 — Cross-cluster Atlas PrivateLink

0005 — Delayed-job architecture

0006 — Mongo user simplification

0007 — Terraform owns ECS task def

0008 — E2E testing strategy

0009 — Self-hosted analytics + observability (superseded)

0010 — PostHog HIPAA Cloud (supersedes 0009)

Runbooks

Security Incident Response

Break-Glass Root Login

Onboard Team Member

Offboard Team Member

Atlas user provisioning

Deploy via Terraform (ENG-277)

Rollback via Terraform (ENG-277)

S3 data bucket migration (planned Phase 11)

Access Reviews

2026-Q2 Review

Session log

Index

2026-04-23 — Phase 10 DNS cutover

2026-04-22 — Phase 8 prod AWS mirror

2026-04-22 — Phase 7 Atlas VPC peering

2026-04-22 — Phase 6 CloudFront + WAF

2026-04-21 — Phase 5 staging go-live

2026-04-17 — Atlas staging

Briefs

Index

Member portal plan (ENG-187)

2026-04-16/17 handoff

2026-04-17 Atlas handoff

System briefing (2026-04-17)

Creative AdBundance proposal brief

Creative AdBundance analytics brief

ElevenLabs RN integration research

Policies

Overview

On this page

MongoDB Permissioning ​

🔴 LIVE STATE → see Atlas Access Matrix (auto-generated from infra/atlas/access-matrix.ts, CI-guarded for accuracy). The matrix is the canonical source of truth for every user, role, env-var, and code consumer. THIS file remains as the original Phase 5 design plan; some details have evolved since (ENG-239 narrowed app_read_staging, ENG-271 added app_read_local_staging, PR91 added app_writer_hubspot_sync, ENG-266 added app_admin_schema). Read the matrix first.

Status: Staging provisioned 2026-04-17. Prod rollout deferred until AWS cutover is verified. Related issue: #56

Execution artifacts:

  • Atlas Access Matrix — the live source of truth (start here)
  • ADR 0003 — Narrow-scoped MongoDB users — design rationale as accepted.
  • Runbook — Atlas user provisioning — exact commands to reproduce against prod.
  • Session log 2026-04-17 — what shipped on staging.

Current state ​

Today (.env.local):

  • MONGODB_URI → app-read user, read-only access to the askflorence database. OK as-is.
  • MONGODB_WRITE_URI → app-write user, readWrite for the whole DB. Overly broad. Violates least privilege. Currently used by every ingest script and anything that writes.

app-write is a dev convenience. It must be deleted before production launch. That deletion is a required exit criterion on Issue #56.

Target state (narrowly-scoped users) ​

UserRoleScopeUseStatus
app-read (keep)readdatabase askflorencePublic read queries (plans, zips, counties)Exists
app-write (dev only, delete before prod)readWritedatabase askflorence (too broad)Dev convenienceExists — must delete before prod
app_writer_plansreadWritecollections plans, zip_county, regions onlyIngest scripts going forwardNEW — create
app_writer_surveyreadWritecollection agent_survey_responses onlyPhase 2 survey writes from VercelNEW — P1, blocks Phase 2
app_writer_agentsreadWritecollections agents, agencies, agent_sessions, agent_audit_log, adminsPhase 5 agent portal writesNEW — blocks Phase 5
app_admin_agentsreadWrite + admin on agent collectionsSame as app_writer_agentsAdmin dashboard writesNEW — blocks Phase 5
audit_readerreadagent_audit_log onlyCompliance queries, read-onlyNEW — blocks first audit

Why this matters for EDE / SOC 2 ​

  • Principle of least privilege. A compromised API route that handles plan search can't modify agent records. A compromised agent-facing route can't grant admin rights. This maps to SOC 2 CC6.3 and HIPAA § 164.312(a)(1).
  • Audit clarity. MongoDB Atlas audit logs show which DB user performed which write. In SOC 2 controls review, that trail is evidence.
  • Blast radius. If an LLM-generated query or user-input sanitization gap lets an attacker do something unexpected, the damage is bounded by the user's collection scope.

Env var mapping (target) ​

Stored in Vercel env today. Moves to AWS Secrets Manager post-migration (Phase 4).

MONGODB_URI_READ             = app-read
MONGODB_URI_PLANS_WRITE      = app_writer_plans    (replaces MONGODB_WRITE_URI in scripts/db/*)
MONGODB_URI_SURVEY_WRITE     = app_writer_survey
MONGODB_URI_AGENTS_WRITE     = app_writer_agents
MONGODB_URI_AGENTS_ADMIN     = app_admin_agents
MONGODB_URI_AUDIT_READ       = audit_reader

Migration order (ops task) ​

Sequenced so we never have to migrate everything at once:

  1. Create app_writer_survey ahead of Phase 2. Phase 2 uses this exclusively — never touches app-write.
  2. Create app_writer_plans before Phase 5. Migrate scripts/db/*.js to use it. app-write continues to exist as an emergency fallback during dev.
  3. Create app_writer_agents, app_admin_agents, audit_reader before Phase 5 kicks off.
  4. Before production launch:
    • Audit all code (scripts/db/*.js and src/**/*.{ts,tsx}) for app-write / MONGODB_WRITE_URI references.
    • Migrate any remaining callers to narrowly-scoped users.
    • Delete app-write from MongoDB Atlas. Verify no code path still depends on it.

Step 4 is a hard blocker on Issue #56 closing.

Atlas implementation notes ​

  • Create users under Database Access in Atlas UI with scoped role grants.
  • Use readWrite at collection level, not database level, for all app_writer_* users. Atlas supports this per docs.
  • Network access list stays as-is (Vercel egress IPs + team member IPs); no change needed per user.
  • Do not give any app_writer_* user admin role. Only app_admin_agents gets admin on its collections, and only super-admin-triggered actions use it.
  • Rotate connection strings annually at minimum. Audit log checks should alert on usage from unexpected source IPs.

Related ​

  • Overview — how this fits into the phase roadmap
  • Data Models — what each user writes to
  • Compliance Model — the SOC 2 / HIPAA / EDE reasoning
  • Issue #56 — the tracked task
Pager
Previous pageAuth Architecture
Next pageCompliance Model

AskFlorence Internal Documentation. Not for public distribution.

AskFlorence

Internal Documentation

Access restricted. Not for public distribution.