Atlas
- A brief description of what you are looking to do
- How you think this will help
- Why this matters to you
64 results found
-
Support safe handling of shared project IP access list entries in Terraform (prevent deletes when the same IP is used by multiple services).
Description:
We are facing an issue managing project-level IP access lists in MongoDB Atlas when multiple services/profiles share the same IP address.Scenario:
One Atlas Project.
Service is deployed with different cluster profiles (e.g., integration, testing).
Each profile’s Terraform stack provisions:
An Atlas cluster (mongodbatlasadvancedcluster)
A backup schedule (mongodbatlascloudbackup_schedule)
A project IP access list entry (mongodbatlasprojectipaccesslist) using the same IP address.
Behavior Observed:
Integration profile deployment:
Creates cluster, backup, and adds Gateway IP to the project access list.
Testing profile deployment (same service, different profile):
Creates a second cluster and backup.
Attempts…
1 vote -
Support safe handling of shared project IP access list entries in Terraform (prevent deletes when the same IP is used by multiple services).
Description:
We are facing an issue managing project-level IP access lists in MongoDB Atlas when multiple services/profiles share the same IP address.Scenario:
One Atlas Project.
Service is deployed with different cluster profiles (e.g., integration, testing).
Each profile’s Terraform stack provisions:
An Atlas cluster (mongodbatlasadvancedcluster)
A backup schedule (mongodbatlascloudbackup_schedule)
A project IP access list entry (mongodbatlasprojectipaccesslist) using the same IP address.
Behavior Observed:
Integration profile deployment:
Creates cluster, backup, and adds Gateway IP to the project access list. ✅
Testing profile deployment (same service, different profile):
Creates a second cluster and backup.
…
1 vote -
Terraform to have a generic org_owner_id instead of personal email for org creation
For now; I was told that the orgownerid while using org create using terraform has to be a non- generic email ID
data "mongodbatlasorguser" "test" {
orgid = mongodbatlasorguser.test.orgid
username = mongodbatlasorguser.test.username
}For example siri.bhar@centene.com can we have a feature to have a generic one in place or a distribution list?
4 votes -
Add single link between workload identity provider and organization via Terraform
We currently have multiple Terraform workspaces for different environments that each set up their own MongoDB Atlas workload identity provider (AKS cluster). In order to link these providers to the organization you have to manage a "mongodbatlasfederatedsettingsorgconfig" resource and pass a list of ALL identitiy provider ids. The Terraform workspace only knows (or rather: should only know) about its own identity provider, so it would be nice to have a single Terraform resource that manages a single workload identity provider <-> organization link.
1 vote -
Support auth token from service accounts
Support auth token from service accounts in the provider configuration, as well as API keys, https://www.mongodb.com/docs/atlas/configure-api-access/#make-an-api-request.
1 vote -
federated authentication to terraform provider
Allow OIDC authentication to the terraform provider to eliminate the need for secrets or static configuration
2 votesOnce Atlas itself supports this we will implement in the Terraform provider. We are in close contact with the PM who owns IAM and have alerted him to this request.
-
Use Semantic Versioning
Hi,
My problem is that the terraform provider doesn't use semantic versioning.
This has caused me quite a few problems.
Firstly - it's difficult when scrolling through your version releases to understand what's breaking and what's not (I lost an hour today having to check all the releases for updates, and then applying every couple of versions from an outdated provider to make sure there were no breaking changes).
Secondly, it means I have to pin a specific version in my terraform provider rather than leaving it to auto-update to the latest minor version "~> 1.0".
Lastly, it makes using…2 votes -
Use Semantic Versioning
Hi,
My problem is that the terraform provider doesn't use semantic versioning.
This has caused me quite a few problems.
Firstly - it's difficult when scrolling through your version releases to understand what's breaking and what's not (I lost an hour today having to check all the releases for updates, and then applying every couple of versions from an outdated provider to make sure there were no breaking changes).
Secondly, it means I have to pin a specific version in my terraform provider rather than leaving it to auto-update to the latest minor version "~> 1.0".
Lastly, it makes using…1 vote -
Add support for ephemeral password input in mongodbatlas_database_user resources
Terraform v1.10 added ephemeral resources that are not persisted in state, and v1.11 then added support for write-only resource attributes. To make use of this new resource type, resources must take a write-only input for applicable variables.
To make use of this in
mongodbatlas_database_user, I propose adding an alternativepassword_woinput that is mutually exclusive with the existingpasswordinput, along with a supplementarypassword_wo_versionvalue that will trigger a change if required (this is the pattern used inaws_secretsmanager_secret_version).The database user could then be configured as such, without the password being present in the terraform state:
…8 votes -
Create One Rolling Index in Terraform
This is a request to add our One Rolling Index request to our Terraform.
References:
* https://www.mongodb.com/docs/atlas/reference/api-resources-spec/v2/#tag/Rolling-Index/operation/createRollingIndexBenefits:
Many teams interact with Atlas via automation using Terraform. This has been highlighted as one of the important ones to have in Terraform.
2 votes -
mongodbatlas_federated_database_instance add GCP support
Is GCP support planned for terraform provider and GCP?
dataprocessregion {
cloudprovider = "GCP"
region = "IOWAUSA"
}Trying to use this in Terraform results in 500 Internal Server Error
│ Error: error creating MongoDB Atlas Federated Database Instace: https://cloud.mongodb.com/api/atlas/v2/groups/***/dataFederation POST: HTTP 500 Internal Server Error (Error code: "UNEXPECTED_ERROR") Detail: Unexpected error. Reason: Internal Server Error.
1 vote -
Allow API key with project owner rights the update of project API keys
We would like to use the terraform provider
mongodbatlas_access_list_api_keyto maintain the access list of our existing API keys.
We don't have an API key with organization owner rights. We have only an API key with project owner rights.
When I do the changes via web ui project owner rights are enough. I don't understand why the terraform provider needs organization owner rights.
In my understanding it should be possible to execute the providermongodbatlas_access_list_api_keyalso with project owner rights.4 votes -
Add sendCollectionLatencyMetrics and sendDatabaseMetrics to third_party_integration
Could you introduce sendCollectionLatencyMetrics and sendDatabaseMetrics to the tf provider defined in API spec https://www.mongodb.com/docs/atlas/reference/api-resources-spec/v2/#tag/Third-Party-Integrations/operation/createThirdPartyIntegration
1 vote -
Add extended JSON to mongodbatlas_event_trigger
Although it is possible to enable EJSON via the UI (and API), it would be best to do it with the mongodbatlaseventtrigger resource itself
1 vote -
Manage Organization Alerts in Terraform
We should be able to manage organization alerts through terraform, not only project level alerts.
I wanted to create a billing alert at organization level with terraform but was not able to do it, because the resource only allows the alert to be created at project level.
Doc: https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/alert_configuration2 votes -
Provide state import capability on mongodbatlas_organization resource
The mongodbatlas_organization resource does not have state import capabilities and I don't understand why. This doesn't seem to be a difficult one to implement and for us it will greatly help, because we have a need to import into state existing organisations which were created (unfortunately) outside terraform.
13 votes -
Update the regex used to split a database user import id to match the database name constraint
Hello,
While doing terraform import of the mongo db users, i'm facing an issue with the mongo terraform provider.
The database name contains an underscore so my imported user ID is 5ceClusterId-username-my_database.
I've got the following error when i launch my terraform import:
Error: error splitting database User info from ID
│ import format error: to import a Database User, use the format {projectid}-{username}-{authdatabase_name}Indeed the mongo tf provider uses a regex to split this ID and doesn't allow characters for db name others than $a-z.
=> https://github.com/mongodb/terraform-provider-mongodbatlas/blob/ebb67f86165e0a364e486e769678377db507f005/internal/service/databaseuser/resource_database_user.go#L349Is it possible to update the regex to allow others…
6 votes -
OIDC Authentication Terraform Provider
Hi,
it should be possible to authenticate with a service account from Entra ID to MongDB Atlas with the Usage of OIDC.
Here is an example of this in azurerm: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/service_principal_oidcpros:
- no password / private key needed
- no rotation of credentials needed1 vote -
Add boolean for applying changes only during maintenance window
Add boolean for applying changes only during maintenance window in order to not affect workloads during peak periods.
E.g.: we want to modify the instance type of our cluster, but we don't want to affect workloads during the day, therefore, any change to the cluster should be applied only during maintenance hours. The same functionality should be available in the console. As a matter of fact, all changes should be by default applied during maintenance window and user can choose to opt out and apply them immediately.
See DocumentDB as an example for this feature.
https://docs.aws.amazon.com/documentdb/latest/developerguide/db-instance-modify.html4 votes -
We would need the GCP project number associated with a certain Atlas project
We would need the GCP project number associated with a certain Atlas project. Preferably we would need this integrated in the Terraform provider and in an API.
Having the GCP project number corresponding to a certain Atlas project would allow ACL creation with the various features provided by the cloud provider.0 votes
- Don't see your idea?