From fcc080ea201b920e7771f163185ef9a9d25c6f3e Mon Sep 17 00:00:00 2001 From: Andrea Angiolillo Date: Thu, 3 Jul 2025 14:49:15 +0100 Subject: [PATCH 1/6] CLOUDP-329198: [Terraform] Updates all the doc links to use the new bump.sh format --- docs/resources/encryption_at_rest.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/resources/encryption_at_rest.md b/docs/resources/encryption_at_rest.md index 98c77466ef..933f73ec25 100644 --- a/docs/resources/encryption_at_rest.md +++ b/docs/resources/encryption_at_rest.md @@ -13,7 +13,7 @@ See [Encryption at Rest](https://docs.atlas.mongodb.com/security-kms-encryption/ ~> **IMPORTANT** By default, Atlas enables encryption at rest for all cluster storage and snapshot volumes. -~> **IMPORTANT** Atlas limits this feature to dedicated cluster tiers of M10 and greater. For more information see: https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/group/endpoint-encryption-at-rest-using-customer-key-management +~> **IMPORTANT** Atlas limits this feature to dedicated cluster tiers of M10 and greater. For more information see: https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/group/endpoint-encryption-at-rest-using-customer-key-management -> **NOTE:** Groups and projects are synonymous terms. You may find `groupId` in the official documentation. From 70d95a0dd0f81db391bd984762dc4ca62ddffd3d Mon Sep 17 00:00:00 2001 From: Andrea Angiolillo Date: Thu, 17 Jul 2025 13:34:33 +0100 Subject: [PATCH 2/6] CLOUDP-332049: add support for `MONGODB_ATLAS_PUBLIC_API_KEY ` and `MONGODB_ATLAS_PRIVATE_API_KEY ` to TF --- docs/index.md | 11 +++++------ internal/provider/provider.go | 2 ++ internal/provider/provider_sdk2.go | 2 ++ 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/docs/index.md b/docs/index.md index c751bab236..260930f484 100644 --- a/docs/index.md +++ b/docs/index.md @@ -49,7 +49,7 @@ You can use any the following methods: ### Environment Variables You can also provide your credentials via the environment variables, -`MONGODB_ATLAS_PUBLIC_KEY` and `MONGODB_ATLAS_PRIVATE_KEY`, +`MONGODB_ATLAS_PUBLIC_API_KEY` and `MONGODB_ATLAS_PRIVATE_API_KEY`, for your public and private MongoDB Atlas programmatic API key pair respectively: ```terraform @@ -59,14 +59,13 @@ provider "mongodbatlas" {} Usage (prefix the export commands with a space to avoid the keys being recorded in OS history): ```shell -$ export MONGODB_ATLAS_PUBLIC_KEY="" -$ export MONGODB_ATLAS_PRIVATE_KEY="" +$ export MONGODB_ATLAS_PUBLIC_API_KEY="" +$ export MONGODB_ATLAS_PRIVATE_API_KEY="" $ terraform plan ``` -As an alternative to `MONGODB_ATLAS_PUBLIC_KEY` and `MONGODB_ATLAS_PRIVATE_KEY` -if you are using [MongoDB CLI](https://docs.mongodb.com/mongocli/stable/) -then `MCLI_PUBLIC_API_KEY` and `MCLI_PRIVATE_API_KEY` are also supported. +We recommend using `MONGODB_ATLAS_PUBLIC_API_KEY` and `MONGODB_ATLAS_PRIVATE_API_KEY` environment variables as they maintain compatibility with other MongoDB tools. +While `MONGODB_ATLAS_PUBLIC_KEY` and `MONGODB_ATLAS_PRIVATE_KEY` are also supported as alternatives, they are not as widely used across the MongoDB ecosystem. ### AWS Secrets Manager AWS Secrets Manager (AWS SM) helps to manage, retrieve, and rotate database credentials, API keys, and other secrets throughout their lifecycles. See [product page](https://aws.amazon.com/secrets-manager/) and [documentation](https://docs.aws.amazon.com/systems-manager/latest/userguide/what-is-systems-manager.html) for more details. diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 061c21d7a0..4873ddcbf1 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -352,6 +352,7 @@ func setDefaultValuesWithValidations(ctx context.Context, data *tfMongodbAtlasPr if data.PublicKey.ValueString() == "" { data.PublicKey = types.StringValue(MultiEnvDefaultFunc([]string{ + "MONGODB_ATLAS_PUBLIC_API_KEY", "MONGODB_ATLAS_PUBLIC_KEY", "MCLI_PUBLIC_API_KEY", }, "").(string)) @@ -362,6 +363,7 @@ func setDefaultValuesWithValidations(ctx context.Context, data *tfMongodbAtlasPr if data.PrivateKey.ValueString() == "" { data.PrivateKey = types.StringValue(MultiEnvDefaultFunc([]string{ + "MONGODB_ATLAS_PRIVATE_API_KEY", "MONGODB_ATLAS_PRIVATE_KEY", "MCLI_PRIVATE_API_KEY", }, "").(string)) diff --git a/internal/provider/provider_sdk2.go b/internal/provider/provider_sdk2.go index b81132686c..052a3518d7 100644 --- a/internal/provider/provider_sdk2.go +++ b/internal/provider/provider_sdk2.go @@ -351,6 +351,7 @@ func setDefaultsAndValidations(d *schema.ResourceData) diag.Diagnostics { } if err := setValueFromConfigOrEnv(d, "public_key", []string{ + "MONGODB_ATLAS_PUBLIC_API_KEY", "MONGODB_ATLAS_PUBLIC_KEY", "MCLI_PUBLIC_API_KEY", }); err != nil { @@ -361,6 +362,7 @@ func setDefaultsAndValidations(d *schema.ResourceData) diag.Diagnostics { } if err := setValueFromConfigOrEnv(d, "private_key", []string{ + "MONGODB_ATLAS_PRIVATE_API_KEY", "MONGODB_ATLAS_PRIVATE_KEY", "MCLI_PRIVATE_API_KEY", }); err != nil { From 2719ab3feed6ecdb69ade131145d0e511b01357e Mon Sep 17 00:00:00 2001 From: Andrea Angiolillo Date: Thu, 17 Jul 2025 13:39:47 +0100 Subject: [PATCH 3/6] Update encryption_at_rest.md --- docs/resources/encryption_at_rest.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/resources/encryption_at_rest.md b/docs/resources/encryption_at_rest.md index 933f73ec25..98c77466ef 100644 --- a/docs/resources/encryption_at_rest.md +++ b/docs/resources/encryption_at_rest.md @@ -13,7 +13,7 @@ See [Encryption at Rest](https://docs.atlas.mongodb.com/security-kms-encryption/ ~> **IMPORTANT** By default, Atlas enables encryption at rest for all cluster storage and snapshot volumes. -~> **IMPORTANT** Atlas limits this feature to dedicated cluster tiers of M10 and greater. For more information see: https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/group/endpoint-encryption-at-rest-using-customer-key-management +~> **IMPORTANT** Atlas limits this feature to dedicated cluster tiers of M10 and greater. For more information see: https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/group/endpoint-encryption-at-rest-using-customer-key-management -> **NOTE:** Groups and projects are synonymous terms. You may find `groupId` in the official documentation. From 2edc639ce9ba234950a6fab2bb9580d666366f82 Mon Sep 17 00:00:00 2001 From: Andrea Angiolillo Date: Thu, 17 Jul 2025 14:06:55 +0100 Subject: [PATCH 4/6] Create 3505.txt --- .changelog/3505.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .changelog/3505.txt diff --git a/.changelog/3505.txt b/.changelog/3505.txt new file mode 100644 index 0000000000..3118b0a0c7 --- /dev/null +++ b/.changelog/3505.txt @@ -0,0 +1,3 @@ +```release-note:note +New environment variables: We added support for the `MONGODB_ATLAS_PUBLIC_API_KEY` and `MONGODB_ATLAS_PRIVATE_API_KEY` environment variables which are widely used across the MongoDB ecosystem. +``` From 5d0fa4960a5f636a9eedc2e5bf25bd38b5c4816b Mon Sep 17 00:00:00 2001 From: Andrea Angiolillo Date: Thu, 17 Jul 2025 15:49:16 +0100 Subject: [PATCH 5/6] Addressed Doc's comments --- docs/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/index.md b/docs/index.md index 260930f484..1db163ff87 100644 --- a/docs/index.md +++ b/docs/index.md @@ -64,8 +64,8 @@ $ export MONGODB_ATLAS_PRIVATE_API_KEY="" $ terraform plan ``` -We recommend using `MONGODB_ATLAS_PUBLIC_API_KEY` and `MONGODB_ATLAS_PRIVATE_API_KEY` environment variables as they maintain compatibility with other MongoDB tools. -While `MONGODB_ATLAS_PUBLIC_KEY` and `MONGODB_ATLAS_PRIVATE_KEY` are also supported as alternatives, they are not as widely used across the MongoDB ecosystem. +We recommend that you use the `MONGODB_ATLAS_PUBLIC_API_KEY` and `MONGODB_ATLAS_PRIVATE_API_KEY` environment variables because they are compatible with other MongoDB tools, such as Atlas CLI. +You can still use `MONGODB_ATLAS_PUBLIC_KEY` and `MONGODB_ATLAS_PRIVATE_KEY` as alternative keys in your local environment. However, these parameters are not guaranteed to work across all tools in the MongoDB ecosystem. ### AWS Secrets Manager AWS Secrets Manager (AWS SM) helps to manage, retrieve, and rotate database credentials, API keys, and other secrets throughout their lifecycles. See [product page](https://aws.amazon.com/secrets-manager/) and [documentation](https://docs.aws.amazon.com/systems-manager/latest/userguide/what-is-systems-manager.html) for more details. From f01957b4bb6cb310f3936d476ae4713e138fa464 Mon Sep 17 00:00:00 2001 From: Andrea Angiolillo Date: Thu, 17 Jul 2025 15:50:12 +0100 Subject: [PATCH 6/6] Update index.md --- docs/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/index.md b/docs/index.md index 1db163ff87..f02c4288d1 100644 --- a/docs/index.md +++ b/docs/index.md @@ -65,7 +65,7 @@ $ terraform plan ``` We recommend that you use the `MONGODB_ATLAS_PUBLIC_API_KEY` and `MONGODB_ATLAS_PRIVATE_API_KEY` environment variables because they are compatible with other MongoDB tools, such as Atlas CLI. -You can still use `MONGODB_ATLAS_PUBLIC_KEY` and `MONGODB_ATLAS_PRIVATE_KEY` as alternative keys in your local environment. However, these parameters are not guaranteed to work across all tools in the MongoDB ecosystem. +You can still use `MONGODB_ATLAS_PUBLIC_KEY` and `MONGODB_ATLAS_PRIVATE_KEY` as alternative keys in your local environment. However, these environment variables are not guaranteed to work across all tools in the MongoDB ecosystem. ### AWS Secrets Manager AWS Secrets Manager (AWS SM) helps to manage, retrieve, and rotate database credentials, API keys, and other secrets throughout their lifecycles. See [product page](https://aws.amazon.com/secrets-manager/) and [documentation](https://docs.aws.amazon.com/systems-manager/latest/userguide/what-is-systems-manager.html) for more details.