Allow creation of API Keys and their Whitelists via Terraform
Currently it is not possible to create an Organization API Key via Terraform and manage its IP Whitelist. This would be a very useful feature for large organizations: https://docs.atlas.mongodb.com/reference/api/apiKeys-orgs-create-one/
While this was not added to Terraform, support now exists for MongoDB Atlas Programmatic API key generation within Vault, which, due to the sensitive nature of API keys, seemed a better fit for the functionality.
HashiCorp Vault 1.4 – https://www.mongodb.com/blog/post/manage-atlas-database-secrets-hashicorp-vault
-
Diogo commented
Is this a strategic position?
We want to use Terraform to create Org Member API keys for each project as part of a bootstrapping flow, so we can provide programmatic access for our internal customers to their MongoDB projects. As part of that initial flow, we wanted to create an API Key and store it in our own Secret Manager, and provide IAM for the users to retrieve the data.
This is a big disappointment if this is not on the road map to be possibly done through Terraform directly.
-
This functionality is now supported in HashiCorp Vault 1.4 - https://www.mongodb.com/blog/post/manage-atlas-database-secrets-hashicorp-vault
-
Thank you for the submission. Agree and we actually have built an integration to manage MongoDB Atlas Programmatic API Keys via HashiCorp Vault. It will be included in their next release, version 1.4. Stay tuned for more information as we finalize the release with HashiCorp.