Skip to content

How can we improve the platform?

← Atlas

Ideally migration of terraform state should be handled or provide a tool for migrating state

Hello,
We initially rolled out all our clusters with mongo atlas terraform provider version 0.7.0. Since we hadn't pinned the version, we started seeing warning listed below in the terraform plan.

Updating as indicated based on the warning means, a deletion and recreation of the private endpoint/link related resources which will lead to downtime as the cluster will be inaccessible while the private endpoint/link is being recreated.

Ideally migration of terraform state should be handled or provide a tool for migrating state so the resource can be migrated without recreation.

============================================

There are warnings related to your configuration. If no errors occurred,
Terraform will continue despite these warnings. It is a good idea to resolve
these warnings in the near future.

Warnings:
module.mongodbatlasds.mongodbatlasprivateendpoint.atlasprivateendpoint: this resource is deprecated, please transition as soon as possible to mongodbatlasprivatelinkendpoint
module.mongodbatlasds.mongodbatlasprivateendpointinterfacelink.atlasprivateendpointinterfacelink: this resource is deprecated, please transition as soon as possible to mongodbatlasprivatelinkendpoint_service

We did try using the import example but unfortunately ran into this issue:

Error importing: Provider "mongodbatlas" depends on non-var "data.external.mongoatlasvaultcredentials.0/data.external.mongoatlasvaultcredentials.N". Providers for import can currently only depend on variables or must be hardcoded. You can stop import from loading configurations by specifying -config="".

https://github.com/hashicorp/terraform/issues/17847

Our provider configuration is something like this where it pulls the credentials from vault using a script:
provider"mongodbatlas"{
version="0.8.2"
publickey="${data.external.mongoatlasvaultcredentials.result.publickey}"
privatekey="${data.external.mongoatlasvaultcredentials.result.privatekey}"
}

Now just for the sake of trying, I did hard code the pubic key/private key in the provider for my dev dc and in that case, the import does work as expected. But since we have 10 data centers for which we have different keys, it's not possible for us to hard code anything since the same code is used for all the DCs. So even though the import option can work for a simple deployment test, it's not a working solution for us.

1 vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Seunghyoung shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment

Atlas: Terraform Provider

Categories

Feedback and Knowledge Base

(thinking…)