INTMDB-224: [Terraform] Support AtlasGov with Terraform #865
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
martinstibbe
requested review from
andreaangiolillo and
themantissa
as code owners
themantissa
requested changes
Oct 21, 2022
website/docs/r/project.html.markdown
Outdated
| @@ -87,6 +87,7 @@ api_keys allows one to assign an existing organization programmatic API key to a | |||
| * `is_performance_advisor_enabled` - (Optional) Flag that indicates whether to enable Performance Advisor and Profiler for the project. If enabled, you can analyze database logs to recommend performance improvements. | |||
| * `is_realtime_performance_panel_enabled` - (Optional) Flag that indicates whether to enable Real Time Performance Panel for the project. If enabled, you can see real time metrics from your MongoDB database. | |||
| * `is_schema_advisor_enabled` - (Optional) Flag that indicates whether to enable Schema Advisor for the project. If enabled, you receive customized recommendations to optimize your data model and enhance performance. Disable this setting to disable schema suggestions in the [Performance Advisor](https://www.mongodb.com/docs/atlas/performance-advisor/#std-label-performance-advisor) and the [Data Explorer](https://www.mongodb.com/docs/atlas/atlas-ui/#std-label-atlas-ui). | |||
| * `is_mongodbgov_cloud` - (Optional) Enable Government Cloud API [Government Cloud](https://www.mongodb.com/docs/atlas/government/api/#creating-a-project). | |||
There was a problem hiding this comment.
Suggested change
| * `is_mongodbgov_cloud` - (Optional) Enable Government Cloud API [Government Cloud](https://www.mongodb.com/docs/atlas/government/api/#creating-a-project). | |
| * `is_mongodbgov_cloud` - (Optional) Enable the provider for use with [MongoDB Atlas for Government](https://www.mongodb.com/docs/atlas/government/). |
themantissa
reviewed
Oct 21, 2022
|
|
||
| mongodbgovCloud := pointy.Bool(d.Get("is_mongodbgov_cloud").(bool)) | ||
| if *mongodbgovCloud { | ||
| regionUsageRestrictions = "GOV_REGIONS_ONLY" |
There was a problem hiding this comment.
Wait - actually @martinstibbe I think two different things got mixed up here and I didn't realize it till I hit submit on my review. There's having all the API requests coming from the provider go to gov cloud - that's one thing. That's why I suggested to have the gov part in the actual provider settings. But this is mixing up setting a project to only use gov cloud regions as setting the whole provider to use the gov cloud url. This should actually, imho, be two different settings. The provider should be able to be pointed to the different baseURL. Then one when creating a project should be able to set "regionUsageRestrictions" : "GOV_REGIONS_ONLY" As the docs say "By default, the AtlasGov API designates new projects for standard region usage. To use the API to create a project for government regions, include the following in your POST request data" Happy to chat about this to clear it up and we can confirm my understanding with Salman (PM for govcloud).
themantissa
requested changes
Oct 26, 2022
website/docs/r/project.html.markdown
Outdated
| @@ -87,6 +87,7 @@ api_keys allows one to assign an existing organization programmatic API key to a | |||
| * `is_performance_advisor_enabled` - (Optional) Flag that indicates whether to enable Performance Advisor and Profiler for the project. If enabled, you can analyze database logs to recommend performance improvements. | |||
| * `is_realtime_performance_panel_enabled` - (Optional) Flag that indicates whether to enable Real Time Performance Panel for the project. If enabled, you can see real time metrics from your MongoDB database. | |||
| * `is_schema_advisor_enabled` - (Optional) Flag that indicates whether to enable Schema Advisor for the project. If enabled, you receive customized recommendations to optimize your data model and enhance performance. Disable this setting to disable schema suggestions in the [Performance Advisor](https://www.mongodb.com/docs/atlas/performance-advisor/#std-label-performance-advisor) and the [Data Explorer](https://www.mongodb.com/docs/atlas/atlas-ui/#std-label-atlas-ui). | |||
| * `region_usage_restrictions` - (Optional) To create a project for government regions [Government Cloud](https://www.mongodb.com/docs/atlas/government/api/#creating-a-project). | |||
There was a problem hiding this comment.
Since this is set to a string they should pass in "GOV_REGIONS_ONLY", yes? - see https://www.mongodb.com/docs/atlas/government/api/#creating-a-project? If I'm correct we need to tell the user that. for example:
Suggested change
| * `region_usage_restrictions` - (Optional) To create a project for government regions [Government Cloud](https://www.mongodb.com/docs/atlas/government/api/#creating-a-project). | |
| * `region_usage_restrictions` - (Optional - set value to GOV_REGIONS_ONLY) Designates that this project can be used for government regions only. If not set the project will default to standard regions. You cannot deploy clusters across government and standard regions in the same project. AWS is the only cloud provider for AtlasGov. For more information see [MongoDB Atlas for Government](https://www.mongodb.com/docs/atlas/government/api/#creating-a-project). |
| @@ -81,5 +81,6 @@ The following are valid roles: | |||
| * `is_performance_advisor_enabled` - Flag that indicates whether to enable Performance Advisor and Profiler for the project. If enabled, you can analyze database logs to recommend performance improvements. | |||
| * `is_realtime_performance_panel_enabled` - Flag that indicates whether to enable Real Time Performance Panel for the project. If enabled, you can see real time metrics from your MongoDB database. | |||
| * `is_schema_advisor_enabled` - Flag that indicates whether to enable Schema Advisor for the project. If enabled, you receive customized recommendations to optimize your data model and enhance performance. Disable this setting to disable schema suggestions in the [Performance Advisor](https://www.mongodb.com/docs/atlas/performance-advisor/#std-label-performance-advisor) and the [Data Explorer](https://www.mongodb.com/docs/atlas/atlas-ui/#std-label-atlas-ui). | |||
| * `region_usage_restrictions` - Project for government regions have restriction parameters to confine resources to particular regions [Government Cloud](https://www.mongodb.com/docs/atlas/government/api/#creating-a-project). | |||
There was a problem hiding this comment.
Suggested change
| * `region_usage_restrictions` - Project for government regions have restriction parameters to confine resources to particular regions [Government Cloud](https://www.mongodb.com/docs/atlas/government/api/#creating-a-project). | |
| * `region_usage_restrictions` - If GOV_REGIONS_ONLY the project can be used for government regions only, otherwise defaults to standard regions. For more information see [MongoDB Atlas for Government](https://www.mongodb.com/docs/atlas/government/api/#creating-a-project). |
website/docs/d/project.html.markdown
Outdated
| @@ -102,5 +102,7 @@ The following are valid roles: | |||
| * `is_performance_advisor_enabled` - Flag that indicates whether to enable Performance Advisor and Profiler for the project. If enabled, you can analyze database logs to recommend performance improvements. | |||
| * `is_realtime_performance_panel_enabled` - Flag that indicates whether to enable Real Time Performance Panel for the project. If enabled, you can see real time metrics from your MongoDB database. | |||
| * `is_schema_advisor_enabled` - Flag that indicates whether to enable Schema Advisor for the project. If enabled, you receive customized recommendations to optimize your data model and enhance performance. Disable this setting to disable schema suggestions in the [Performance Advisor](https://www.mongodb.com/docs/atlas/performance-advisor/#std-label-performance-advisor) and the [Data Explorer](https://www.mongodb.com/docs/atlas/atlas-ui/#std-label-atlas-ui). | |||
| * `region_usage_restrictions` - Project for government regions have restriction parameters to confine resources to particular regions [Government Cloud](https://www.mongodb.com/docs/atlas/government/api/#creating-a-project). | |||
There was a problem hiding this comment.
Suggested change
| * `region_usage_restrictions` - Project for government regions have restriction parameters to confine resources to particular regions [Government Cloud](https://www.mongodb.com/docs/atlas/government/api/#creating-a-project). | |
| * `region_usage_restrictions` - If GOV_REGIONS_ONLY the project can be used for government regions only, otherwise defaults to standard regions. For more information see [MongoDB Atlas for Government](https://www.mongodb.com/docs/atlas/government/api/#creating-a-project). |
| name = "%[1]s" | ||
| org_id = "%[2]s" | ||
| project_owner_id = "%[3]s" | ||
| is_mongodbgov_cloud = true |
There was a problem hiding this comment.
since this is now at the provider level don't think this test applies anymore. Need to update to region_usage_restrictions test.
There was a problem hiding this comment.
Changed test to use region_usage_restrictions parameter
| @@ -60,6 +62,11 @@ func Provider() *schema.Provider { | |||
| DefaultFunc: schema.EnvDefaultFunc("MONGODB_REALM_BASE_URL", ""), | |||
| Description: "MongoDB Realm Base URL", | |||
| }, | |||
| "is_mongodbgov_cloud": { | |||
There was a problem hiding this comment.
Now that we have this we need to add a section to this page: https://github.com/mongodb/terraform-provider-mongodbatlas/blob/master/website/docs/index.html.markdown
Configure MongoDB Atlas for Government
In order to enable the Terraform MongoDB Atlas Provider for use with MongoDB Atlas for Government add is_mongodbgov_cloud = true to your provider configuration:
# Configure the MongoDB Atlas Provider for MongoDB Atlas for Government
provider "mongodbatlas" {
public_key = var.mongodbatlas_public_key
private_key = var.mongodbatlas_private_key
is_mongodbgov_cloud = true
}
# Create the resourcesThere was a problem hiding this comment.
Added gov configuration section
themantissa
approved these changes
Oct 27, 2022
matt-condon
approved these changes
Oct 28, 2022
martinstibbe
added a commit
that referenced
this pull request
Nov 2, 2022
* INTMDB-405: [Terraform] Add cluster label to advanced clusters (#857) * Update CHANGELOG.md (#849) * INTMDB-405: Add default label if none supplied * Add test for default label exising * Flatten nested IF statement * Relying on atlas api for unit validation on alert configuration (#862) * INTMDB-334: privatelink endpoint service configurable timeout (#859) * Made timeout for privatelink endpoint service configurable * Updated context to be with timeout, added documentation on how the timeout works * Updated documentation to have proper default timeout of 2h * INTMDB-373: Add new notification parameters to the mongodbatlas_alert_config resource (#877) * Add support for MS Teams SDK webhook * make fmt * Update documentation add Webhook * Update docs * Update to v0.18 * encryption_at_rest M10+ limit doc update (#886) * INTMDB-224: [Terraform] Support AtlasGov with Terraform (#865) * Add Gov variables workflow and test case * Change test pre check to handle gov env variables * Adjust env variable test validation * Add provider parameter for Gov cloud and region_usage_restrictions to datasources * Update project government test update docs * INTMDB-370 -- PIT Restore Example (#870) * INTMDB-369: Updated validation logic for cloud_backup_snapshot_restore_job (#813) * Updated validation logic for cloud_backup_snapshot_restore_job * Fixed lint errors * Updated test-upgrade v110 to use pit restore * Fixed var name in example for pit ts * Updated v110 example to use cloud backup snapshot resource with pit and valid instructions * Removed changes to v110 example and created a v146 example * Fixed the v110 example to work with disk_size requirements and added link to new examples on the tf docs. * Fixed documentation and moved example * Moved example again, and fixed links in documentation * Fixed formatting on example * Fixed formatting to account for removal of disk size * Correct example in test to use arrays and minGram parameter error (#891) * INTMDB-378: Add link for How To Guide for existing container ID (#883) * Add link for How To Guide for existing container ID * Document corrections * 3 remaining doc updates * Update CHANGELOG.md * Update CHANGELOG.md * INTMDB-314 Cluster Tenant Upgrade (#874) * Initial commit for cluster upgrade * Updated to use a custom customizeDiff func * Setting cluster_id and resource ID to the updated values in the case of a cluster upgrade * Updated logic for determining whether upgrade is required * Removed conflation on willUpgrade and tenant changes. Added error checking * Updated cluster docs to denote upgrade support * Added an example tenant upgrade * Fixed formatting issues * Added code to upgrade advanced_cluster * Moved example again, for some reason * Moved examples, got advanced-cluster tenantUpgrade working * Fixed linter issues with advanced cluster * removed unnecessary explicit setting of cluster_id * Updated new examples to work with tf 0.13 * Update website/docs/r/advanced_cluster.html.markdown Co-authored-by: Melissa Plunkett <[email protected]> * Update website/docs/r/advanced_cluster.html.markdown Co-authored-by: Melissa Plunkett <[email protected]> * Update website/docs/r/advanced_cluster.html.markdown Co-authored-by: Melissa Plunkett <[email protected]> * Update website/docs/r/cluster.html.markdown Co-authored-by: Melissa Plunkett <[email protected]> * Addressed some criticisms of new tenant-upgrade examples * Applied suggested docs changes for cluster tenant upgrade * Apply suggestions from code review Applied docs changes suggested for advanced-cluster tenant upgrade readme Co-authored-by: Melissa Plunkett <[email protected]> * Updated cluster tenant upgrade readme to match that of the advanced cluster * Addressed last remaining README suggestions for new examples * Fixed naming on variables and re-pausing cluster after upgrade if necessary * Reduced nested ifs in cluster update * No longer attempting to unpause tenant tier clusters prior to upgrade. Any updates fail * Fixed linter error on bool init Co-authored-by: Melissa Plunkett <[email protected]> * Update CHANGELOG.md Co-authored-by: martinstibbe <[email protected]> Co-authored-by: Zuhair Ahmed <[email protected]> Co-authored-by: Melissa Plunkett <[email protected]>
Zuhairahmed
added a commit
that referenced
this pull request
Nov 3, 2022
* INTMDB-405: [Terraform] Add cluster label to advanced clusters (#857) * Update CHANGELOG.md (#849) * INTMDB-405: Add default label if none supplied * Add test for default label exising * Flatten nested IF statement * Relying on atlas api for unit validation on alert configuration (#862) * INTMDB-334: privatelink endpoint service configurable timeout (#859) * Made timeout for privatelink endpoint service configurable * Updated context to be with timeout, added documentation on how the timeout works * Updated documentation to have proper default timeout of 2h * INTMDB-373: Add new notification parameters to the mongodbatlas_alert_config resource (#877) * Add support for MS Teams SDK webhook * make fmt * Update documentation add Webhook * Update docs * Update to v0.18 * encryption_at_rest M10+ limit doc update (#886) * INTMDB-224: [Terraform] Support AtlasGov with Terraform (#865) * Add Gov variables workflow and test case * Change test pre check to handle gov env variables * Adjust env variable test validation * Add provider parameter for Gov cloud and region_usage_restrictions to datasources * Update project government test update docs * INTMDB-370 -- PIT Restore Example (#870) * INTMDB-369: Updated validation logic for cloud_backup_snapshot_restore_job (#813) * Updated validation logic for cloud_backup_snapshot_restore_job * Fixed lint errors * Updated test-upgrade v110 to use pit restore * Fixed var name in example for pit ts * Updated v110 example to use cloud backup snapshot resource with pit and valid instructions * Removed changes to v110 example and created a v146 example * Fixed the v110 example to work with disk_size requirements and added link to new examples on the tf docs. * Fixed documentation and moved example * Moved example again, and fixed links in documentation * Fixed formatting on example * Fixed formatting to account for removal of disk size * Correct example in test to use arrays and minGram parameter error (#891) * INTMDB-378: Add link for How To Guide for existing container ID (#883) * Add link for How To Guide for existing container ID * Document corrections * 3 remaining doc updates * Update CHANGELOG.md * Update CHANGELOG.md * INTMDB-314 Cluster Tenant Upgrade (#874) * Initial commit for cluster upgrade * Updated to use a custom customizeDiff func * Setting cluster_id and resource ID to the updated values in the case of a cluster upgrade * Updated logic for determining whether upgrade is required * Removed conflation on willUpgrade and tenant changes. Added error checking * Updated cluster docs to denote upgrade support * Added an example tenant upgrade * Fixed formatting issues * Added code to upgrade advanced_cluster * Moved example again, for some reason * Moved examples, got advanced-cluster tenantUpgrade working * Fixed linter issues with advanced cluster * removed unnecessary explicit setting of cluster_id * Updated new examples to work with tf 0.13 * Update website/docs/r/advanced_cluster.html.markdown Co-authored-by: Melissa Plunkett <[email protected]> * Update website/docs/r/advanced_cluster.html.markdown Co-authored-by: Melissa Plunkett <[email protected]> * Update website/docs/r/advanced_cluster.html.markdown Co-authored-by: Melissa Plunkett <[email protected]> * Update website/docs/r/cluster.html.markdown Co-authored-by: Melissa Plunkett <[email protected]> * Addressed some criticisms of new tenant-upgrade examples * Applied suggested docs changes for cluster tenant upgrade * Apply suggestions from code review Applied docs changes suggested for advanced-cluster tenant upgrade readme Co-authored-by: Melissa Plunkett <[email protected]> * Updated cluster tenant upgrade readme to match that of the advanced cluster * Addressed last remaining README suggestions for new examples * Fixed naming on variables and re-pausing cluster after upgrade if necessary * Reduced nested ifs in cluster update * No longer attempting to unpause tenant tier clusters prior to upgrade. Any updates fail * Fixed linter error on bool init Co-authored-by: Melissa Plunkett <[email protected]> * Update CHANGELOG.md * Add additional secret to workflow * Fix failing cluster paused test (#900) * Updated logic for when we pause a cluster * Fixed typo on provider_instance_size_name * Made logic on isUpgradeRequired a bit more concise Co-authored-by: Dosty Everts <[email protected]> Co-authored-by: Zuhair Ahmed <[email protected]> Co-authored-by: Melissa Plunkett <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR is for testing Gov Cloud pipeline flow for basic acceptance test validation
Link to any related issue(s):
Type of change:
Required Checklist:
Further comments