diff --git a/examples/MongoDB-Atlas-AWS-VPC-Peering/.gitignore b/examples/MongoDB-Atlas-AWS-VPC-Peering/.gitignore
new file mode 100644
index 0000000000..b23259c8df
--- /dev/null
+++ b/examples/MongoDB-Atlas-AWS-VPC-Peering/.gitignore
@@ -0,0 +1,3 @@
+*.tfstate*
+.terraform*
+terraform.tfvars
diff --git a/examples/MongoDB-Atlas-AWS-VPC-Peering/Readme.md b/examples/MongoDB-Atlas-AWS-VPC-Peering/Readme.md
new file mode 100644
index 0000000000..43975c36e1
--- /dev/null
+++ b/examples/MongoDB-Atlas-AWS-VPC-Peering/Readme.md
@@ -0,0 +1,65 @@
+# Example - AWS and Atlas together with Terraform
+
+This project aims to provide a very straight-forward example of using AWS and MongoDB Atlas together.
+
+
+## Dependencies
+
+```
+Terraform v0.15.4
+on darwin_amd64
++ provider registry.terraform.io/hashicorp/aws v3.48.0
++ provider registry.terraform.io/mongodb/mongodbatlas v0.9.1
+```
+
+## Usage
+
+**1\. Ensure your AWS credentials are set up.**
+
+This can be done using environment variables:
+
+``` bash
+$ export AWS_SECRET_ACCESS_KEY='your secret key'
+$ export AWS_ACCESS_KEY_ID='your key id'
+```
+
+... or the `~/.aws/credentials` file.
+
+```
+$ cat ~/.aws/credentials
+[default]
+aws_access_key_id = your key id
+aws_secret_access_key = your secret key
+
+```
+... or follow as in the `variables.tf` file and create **terraform.tfvars** file with all the variable values and make sure **not to commit it**.
+
+**2\. Review the Terraform plan.**
+
+Execute the below command and ensure you are happy with the plan.
+
+``` bash
+$ terraform plan
+```
+This project currently creates the below deployments:
+
+- MongoDB cluster - M10
+- MongoDB User (Pass the values when asked)
+- AWS Custom VPC, Internet Gateway, Route Tables, Subnets with Public and Private access
+- AWS-MongoDB Atlas VPC Peering
+
+**3\. Execute the Terraform apply.**
+
+Now execute the plan to provision the AWS resources.
+
+``` bash
+$ terraform apply
+```
+
+**4\. Destroy the resources.**
+
+Once you are finished your testing, ensure you destroy the resources to avoid unnecessary AWS charges.
+
+``` bash
+$ terraform destroy
+```
diff --git a/examples/MongoDB-Atlas-AWS-VPC-Peering/atlas.tf b/examples/MongoDB-Atlas-AWS-VPC-Peering/atlas.tf
new file mode 100644
index 0000000000..ab0f4b2fc2
--- /dev/null
+++ b/examples/MongoDB-Atlas-AWS-VPC-Peering/atlas.tf
@@ -0,0 +1,71 @@
+provider "mongodbatlas" {
+ public_key = var.public_key
+ private_key = var.private_key
+}
+
+resource "mongodbatlas_project" "aws_atlas" {
+ name = "aws-atlas"
+ org_id = var.atlasorgid
+}
+
+resource "mongodbatlas_cluster" "cluster-atlas" {
+ project_id = mongodbatlas_project.aws_atlas.id
+ name = "cluster-atlas"
+ cluster_type = "REPLICASET"
+ replication_specs {
+ num_shards = 1
+ regions_config {
+ region_name = "US_EAST_1"
+ electable_nodes = 3
+ priority = 7
+ read_only_nodes = 0
+ }
+ }
+ provider_backup_enabled = true
+ auto_scaling_disk_gb_enabled = true
+ mongo_db_major_version = "5.0"
+
+ //Provider Settings "block"
+ provider_name = "AWS"
+ disk_size_gb = 10
+ provider_instance_size_name = "M10"
+}
+
+resource "mongodbatlas_database_user" "db-user" {
+ username = var.atlas_dbuser
+ password = var.atlas_dbpassword
+ auth_database_name = "admin"
+ project_id = mongodbatlas_project.aws_atlas.id
+ roles {
+ role_name = "readWrite"
+ database_name = "admin"
+ }
+ depends_on = [mongodbatlas_project.aws_atlas]
+}
+resource "mongodbatlas_network_container" "atlas_container" {
+ atlas_cidr_block = var.atlas_vpc_cidr
+ project_id = mongodbatlas_project.aws_atlas.id
+ provider_name = "AWS"
+ region_name = var.atlas_region
+}
+
+data "mongodbatlas_network_container" "atlas_container" {
+ container_id = mongodbatlas_network_container.atlas_container.container_id
+ project_id = mongodbatlas_project.aws_atlas.id
+}
+
+resource "mongodbatlas_network_peering" "aws-atlas" {
+ accepter_region_name = var.aws_region
+ project_id = mongodbatlas_project.aws_atlas.id
+ container_id = mongodbatlas_network_container.atlas_container.container_id
+ provider_name = "AWS"
+ route_table_cidr_block = aws_vpc.primary.cidr_block
+ vpc_id = aws_vpc.primary.id
+ aws_account_id = var.aws_account_id
+}
+
+resource "mongodbatlas_project_ip_access_list" "test" {
+ project_id = mongodbatlas_project.aws_atlas.id
+ cidr_block = aws_vpc.primary.cidr_block
+ comment = "cidr
block for AWS VPC"
+}
\ No newline at end of file
diff --git a/examples/MongoDB-Atlas-AWS-VPC-Peering/aws-vpc.tf b/examples/MongoDB-Atlas-AWS-VPC-Peering/aws-vpc.tf
new file mode 100644
index 0000000000..81e70802dd
--- /dev/null
+++ b/examples/MongoDB-Atlas-AWS-VPC-Peering/aws-vpc.tf
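Review bot: In `mongodbatlas_database_user.db-user` the `roles` block grants `readWrite` on the `admin` database, which is broader than an application user needs; an example that gets copied should point the role at an application database, e.g. `database_name = var.atlas_dbname` with a new variable for it, while leaving `auth_database_name = "admin"` as it is. `password = var.atlas_dbpassword` is also written to Terraform state in plaintext, so a comment such as `// password is stored in state; keep state in an encrypted, access-controlled backend` above it would help. The access list entry `cidr_block = aws_vpc.primary.cidr_block` admits the whole VPC, including the subnet with `map_public_ip_on_launch = true`; narrowing it to the subnet that actually hosts database clients would be tighter. Finally, `regions_config` hard-codes `region_name = "US_EAST_1"` while the network container uses `var.atlas_region`, so overriding the variable would probably separate the container from the cluster; `region_name = var.atlas_region` avoids that.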
@@ -0,0 +1,77 @@
+provider "aws" {
+ region = var.aws_region
+ access_key = var.access_key
+ secret_key = var.secret_key
+}
+
+//Create Primary VPC
+resource "aws_vpc" "primary" {
+ cidr_block = "10.0.0.0/16"
+ enable_dns_hostnames = true
+ enable_dns_support = true
+}
+
+//Create IGW
+resource "aws_internet_gateway" "primary" {
+ vpc_id = aws_vpc.primary.id
+}
+
+//Route Table
+resource "aws_route" "primary-internet_access" {
+ route_table_id = aws_vpc.primary.main_route_table_id
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.primary.id
+}
+
+resource "aws_route" "peeraccess" {
+ route_table_id = aws_vpc.primary.main_route_table_id
+ destination_cidr_block = var.atlas_vpc_cidr
+ vpc_peering_connection_id = mongodbatlas_network_peering.aws-atlas.connection_id
+ depends_on = [aws_vpc_peering_connection_accepter.peer]
+}
+
+//Subnet-A
+resource "aws_subnet" "primary-az1" {
+ vpc_id = aws_vpc.primary.id
+ cidr_block = "10.0.1.0/24"
+ map_public_ip_on_launch = true
+ availability_zone = "${var.aws_region}a"
+}
+
+//Subnet-B
+resource "aws_subnet" "primary-az2" {
+ vpc_id = aws_vpc.primary.id
+ cidr_block = "10.0.2.0/24"
+ map_public_ip_on_launch = false
+ availability_zone = "${var.aws_region}b"
+}
+
+/*Security-Group
+Ingress - Port 80 -- limited to instance
+ Port 22 -- Open to ssh without limitations
+Egress - Open to All*/
+
+resource "aws_security_group" "primary_default" {
+ name_prefix = "default-"
+ description = "Default security group for all instances in ${aws_vpc.primary.id}"
+ vpc_id = aws_vpc.primary.id
+ ingress {
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = [
+ aws_vpc.primary.cidr_block,
+ ]
+ }
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+
+resource "aws_vpc_peering_connection_accepter" "peer" {
+ vpc_peering_connection_id = mongodbatlas_network_peering.aws-atlas.connection_id
+ auto_accept = true
+}
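Review bot: The `provider "aws"` block sets `access_key = var.access_key` and `secret_key = var.secret_key`, which pushes long-lived AWS keys into Terraform variables (and, in practice, into `terraform.tfvars`) even though the Readme's step 1 describes the environment-variable and `~/.aws/credentials` routes; because neither variable has a default, Terraform will ask for them regardless. Dropping both lines so the block holds only `region = var.aws_region` lets the provider use its normal credential chain. The comment above `aws_security_group.primary_default` says `Port 22 -- Open to ssh without limitations`, but the resource defines no port 22 rule and the port 80 rule is limited to the VPC CIDR rather than to an instance; the comment should read something like `Ingress - Port 80 -- limited to the VPC CIDR` with the port 22 line removed. Note also that `primary-internet_access` adds the `0.0.0.0/0` route to the main route table, so `primary-az2` is routed through the internet gateway as well and differs from `primary-az1` only in `map_public_ip_on_launch`.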
diff --git a/examples/MongoDB-Atlas-AWS-VPC-Peering/variables.tf b/examples/MongoDB-Atlas-AWS-VPC-Peering/variables.tf
new file mode 100644
index 0000000000..5b5a6b0e26
--- /dev/null
+++ b/examples/MongoDB-Atlas-AWS-VPC-Peering/variables.tf
@@ -0,0 +1,39 @@
+variable "public_key" {
+ description = "The public API key for MongoDB Atlas"
+}
+variable "private_key" {
+ description = "The private API key for MongoDB Atlas"
+}
+
+variable "access_key" {
+ description = "The access key for AWS Account"
+}
+variable "secret_key" {
+ description = "The secret key for AWS Account"
+}
+variable "atlas_region" {
+ default = "US_EAST_1"
+ description = "Atlas Region"
+}
+variable "aws_region" {
+ default = "ap-southeast-1"
+ description = "AWS Region"
+}
+variable "atlas_dbuser" {
+ description = "The db user for Atlas"
+}
+variable "atlas_dbpassword" {
+ description = "The db user passwd for Atlas"
+}
+variable "aws_account_id" {
+ description = "My AWS Account ID"
+ default = "208629369896"
+}
+variable "atlasorgid" {
+ description = "Atlas Org ID"
+ default = "5c98a80fc56c98ef210b8633"
+}
+variable "atlas_vpc_cidr" {
+ description = "Atlas CIDR"
+ default = "192.168.232.0/21"
+}
diff --git a/examples/MongoDB-Atlas-AWS-VPC-Peering/versions.tf b/examples/MongoDB-Atlas-AWS-VPC-Peering/versions.tf
new file mode 100644
index 0000000000..ca35cb0987
--- /dev/null
+++ b/examples/MongoDB-Atlas-AWS-VPC-Peering/versions.tf
@@ -0,0 +1,11 @@
+terraform {
+ required_providers {
+ mongodbatlas = {
+ source = "mongodb/mongodbatlas"
+ }
+ aws = {
+ source = "hashicorp/aws"
+ }
+ }
+ required_version = ">= 0.15"
+}
diff --git a/examples/README.md b/examples/Readme.md
similarity index 99%
rename from examples/README.md
rename to examples/Readme.md
index d8812392c2..45010277de 100644
--- a/examples/README.md
+++ b/examples/Readme.md
@@ -17,3 +17,4 @@ $ terraform plan $ terraform apply ... +
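Review bot: `aws_account_id` and `atlasorgid` ship with concrete defaults (`208629369896`, `5c98a80fc56c98ef210b8633`), so anyone who runs the example without overriding them targets what appear to be the author's AWS account and Atlas organization, and those identifiers are published with the repository; both `default` lines should be removed so the values have to be supplied. The secret-bearing variables `private_key`, `secret_key` and `atlas_dbpassword` should each carry `sensitive = true`, which the `>= 0.15` requirement in `versions.tf` allows, so they are redacted from plan and apply output. Adding `type = string` to every variable would also make malformed input fail early.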
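Review bot: Neither entry in `required_providers` has a `version` constraint, so `terraform init` resolves whatever provider release is newest, and the `.terraform*` pattern in this commit's `.gitignore` also matches `.terraform.lock.hcl`, so no lock file with provider checksums is recorded either. The Readme lists the versions the example was run with; constraints such as `version = "~> 3.48"` for `aws` and `version = "~> 0.9.1"` for `mongodbatlas` would keep the example on those release lines. If the lock file is meant to be committed, narrowing the ignore pattern to `.terraform/` would allow it.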