INTMDB-364 Add support for serverless private endpoints (AWS + Azure) #913
Few comments below, also can you add documentation as part of this PR? I think we will need 5
Resource:
mongodbatlas_privatelink_endpoint_serverless
mongodbatlas_privatelink_endpoint_service_serverless
Data Source:
mongodbatlas_privatelink_endpoint_serverless
mongodbatlas_privatelink_endpoint_service_serverless
mongodbatlas_privatelink_endpoints_service_serverless
mongodbatlas/data_source_mongodbatlas_privatelink_endpoint_service_serverless.go
mongodbatlas/resource_mongodbatlas_privatelink_endpoint_serverless.go
Few doc comments below
website/docs/r/privatelink_endpoint_service_serverless.html.markdown
website/docs/r/privatelink_endpoint_service_serverless.html.markdown
website/docs/r/privatelink_endpoint_service_serverless.html.markdown
website/docs/r/privatelink_endpoint_service_serverless.html.markdown
website/docs/d/privatelink_endpoint_service_serverless.html.markdown
website/docs/d/privatelink_endpoint_service_serverless.html.markdown
Code LGTM
Thanks @martinstibbe for these updates! Just following up on above. We have 1 data source file as part of this PR "endpoint_service_serverless", can you double check if we need 2 more: "endpoints_service_serverless" and "endpoint_serverless"?
Discussed this with @Zuhairahmed and it seems the original ticket I created was limited to just AWS while I was out. This needs to include Azure as well. Please add the Azure parameters (which it looks like @martinstibbe already added to the go client), at least minimal Azure tests, Azure examples (both MDB and Azure side) and note Azure is supported.
Other comments are mostly docs - note that there was a commit while I was reviewing so I believe all my comments still apply but keep that in mind.
provider_name = "AWS" | ||
} | ||
|
||
|
Comment from the resource docs below - we copy the resource block into the data source
As noted in the tutorial: https://www.mongodb.com/docs/atlas/security-serverless-private-endpoint/ there is a step between "mongodbatlas_privatelink_endpoint_serverless" and resource "mongodbatlas_privatelink_endpoint_service_serverless" which is to create the interface endpoint on the AWS side. We provide how to do this in the regular privatelink docs: https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/privatelink_endpoint_service Let's do the same here.
* `endpoint_service_name` - Unique string that identifies the PrivateLink endpoint service. MongoDB Cloud returns null while it creates the endpoint service. | ||
* `status` - Human-readable label that indicates the current operating status of the private endpoint. Values include: RESERVATION_REQUESTED, RESERVED, INITIATING, AVAILABLE, FAILED, DELETING. | ||
|
||
For more information see: [MongoDB Atlas API - Serverless Private Endpoints](https://www.mongodb.com/docs/atlas/reference/api-resources-spec/#tag/Serverless-Private-Endpoints/operation/createOnePrivateEndpointForOneServerlessInstance/) and [MongoDB Atlas API - Online Archive](https://docs.atlas.mongodb.com/reference/api/online-archive/) Documentation. |
Why would we refer to Online Archive here? Also I think you mixed up resource and data source pages :)
For more information see: [MongoDB Atlas API - Serverless Private Endpoints](https://www.mongodb.com/docs/atlas/reference/api-resources-spec/#tag/Serverless-Private-Endpoints/operation/createOnePrivateEndpointForOneServerlessInstance/) and [MongoDB Atlas API - Online Archive](https://docs.atlas.mongodb.com/reference/api/online-archive/) Documentation. | |
For more information see: [MongoDB Atlas API - Serverless Private Endpoints](https://www.mongodb.com/docs/atlas/reference/api/serverless-private-endpoints-get-one/). |
|
||
In addition to all arguments above, the following attributes are exported: | ||
* `endpoint_id` - Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [|aws| PrivateLink](https://aws.amazon.com/privatelink/) feature. | ||
* `endpoint_service_name` - Unique string that identifies the PrivateLink endpoint service. MongoDB Cloud returns null while it creates the endpoint service. |
Do we really need to mention the null return here? Will the Terraform user ever see that?
* `endpoint_service_name` - Unique string that identifies the PrivateLink endpoint service. MongoDB Cloud returns null while it creates the endpoint service. | |
* `endpoint_service_name` - Unique string that identifies the PrivateLink endpoint service. |
that's the definition we have in new docs: https://www.mongodb.com/docs/atlas/reference/api-resources-spec/#tag/Serverless-Private-Endpoints/operation/createOnePrivateEndpointForOneServerlessInstance
agree doesn't make sense for external user using terraform, we should delete second sentence
provider_name = "AWS" | ||
} | ||
|
||
|
As noted in the tutorial: https://www.mongodb.com/docs/atlas/security-serverless-private-endpoint/ there is a step between "mongodbatlas_privatelink_endpoint_serverless" and resource "mongodbatlas_privatelink_endpoint_service_serverless" which is to create the interface endpoint on the AWS side. We provide how to do this in the regular privatelink docs: https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/privatelink_endpoint_service Let's do the same here.
This is still missing the AWS block. Azure has one so just need this like that.
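The three-step ordering discussed in this thread, as an added example that is not taken from the PR or the provider's documentation. The resource labels (`test`, `atlas`) and the `<...>` values are placeholders chosen for illustration; the attribute names are the ones quoted in this review plus the standard `aws_vpc_endpoint` arguments.

```hcl
# Serverless instance that the private endpoint is attached to.
resource "mongodbatlas_serverless_instance" "test" {
  project_id                              = "<PROJECT_ID>"
  name                                    = "test-db"
  provider_settings_backing_provider_name = "AWS"
  provider_settings_provider_name         = "SERVERLESS"
  provider_settings_region_name           = "US_EAST_1"
}

# Step 1: ask Atlas to reserve a private endpoint for the instance.
# Atlas exports endpoint_id and endpoint_service_name once the
# endpoint service exists.
resource "mongodbatlas_privatelink_endpoint_serverless" "test" {
  project_id    = "<PROJECT_ID>"
  instance_name = mongodbatlas_serverless_instance.test.name
  provider_name = "AWS"
}

# Step 2 (the AWS-side step the reviewers asked for): create the
# interface endpoint in your own VPC, pointing at the Atlas endpoint
# service. The security group decides which workloads in the VPC can
# reach the database, so scope it to the clients that need access.
resource "aws_vpc_endpoint" "atlas" {
  vpc_id             = "<VPC_ID>"            # placeholder
  service_name       = mongodbatlas_privatelink_endpoint_serverless.test.endpoint_service_name
  vpc_endpoint_type  = "Interface"
  subnet_ids         = ["<SUBNET_ID>"]       # placeholder
  security_group_ids = ["<SECURITY_GROUP_ID>"] # placeholder
}

# Step 3: tell Atlas which cloud-side interface endpoint belongs to
# the reserved private endpoint.
resource "mongodbatlas_privatelink_endpoint_service_serverless" "test" {
  project_id                 = "<PROJECT_ID>"
  instance_name              = mongodbatlas_serverless_instance.test.name
  endpoint_id                = mongodbatlas_privatelink_endpoint_serverless.test.endpoint_id
  cloud_provider_endpoint_id = aws_vpc_endpoint.atlas.id
  provider_name              = "AWS"
  comment                    = "New serverless endpoint"
}
```

Referencing `mongodbatlas_serverless_instance.test.name` and the exported `endpoint_id` instead of hard-coded strings lets Terraform derive the create order from the dependency graph.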
|
||
resource "mongodbatlas_privatelink_endpoint_service_serverless" "test" { | ||
project_id = "<PROJECT_ID>" | ||
instance_name = "test-db" |
I don't think they'd want to hard code this but use mongodbatlas_serverless_instance.test.name again?
* `comment` - Human-readable string to associate with this private endpoint. | ||
* `status` - Human-readable label that indicates the current operating status of the private endpoint. Values include: RESERVATION_REQUESTED, RESERVED, INITIATING, AVAILABLE, FAILED, DELETING. | ||
|
||
For more information see: [MongoDB Atlas API - Serverless Private Endpoints](https://www.mongodb.com/docs/atlas/reference/api/serverless-private-endpoints-get-one/) and [MongoDB Atlas API - Online Archive](https://docs.atlas.mongodb.com/reference/api/online-archive/) Documentation. |
For more information see: [MongoDB Atlas API - Serverless Private Endpoints](https://www.mongodb.com/docs/atlas/reference/api/serverless-private-endpoints-get-one/) and [MongoDB Atlas API - Online Archive](https://docs.atlas.mongodb.com/reference/api/online-archive/) Documentation. | |
For more information see: [MongoDB Atlas API - Serverless Private Endpoints](https://www.mongodb.com/docs/atlas/reference/api-resources-spec/#tag/Serverless-Private-Endpoints/operation/createOnePrivateEndpointForOneServerlessInstance/). |
## Argument Reference | ||
|
||
* `project_id` - (Required) Unique 24-digit hexadecimal string that identifies the project. | ||
* `instance_name` - (Required) Human-readable label that identifies the serverless instance associated with the tenant endpoint |
* `instance_name` - (Required) Human-readable label that identifies the serverless instance associated with the tenant endpoint | |
* `instance_name` - (Required) Human-readable label that identifies the serverless instance |
## Argument Reference | ||
|
||
* `project_id` - (Required) Unique 24-digit hexadecimal string that identifies the project. | ||
* `instance_name` - (Required) Serverless instance name to attach private |
* `instance_name` - (Required) Serverless instance name to attach private | |
* `instance_name` - (Required) Human-readable label that identifies the serverless instance |
## Argument Reference | ||
|
||
* `project_id` - (Required) Unique 24-digit hexadecimal string that identifies the project. | ||
* `instance_name` - (Required) Serverless instance name to attach private |
* `instance_name` - (Required) Serverless instance name to attach private | |
* `instance_name` - (Required) Human-readable label that identifies the serverless instance |
…loud_provider_endpoint_id
Few comments below, thanks for all the updates thus far!
--- | ||
|
||
|
||
# Data Source: privatelink_endpoint_service_serverless |
# Data Source: privatelink_endpoint_service_serverless | |
# Resource: privatelink_endpoint_service_serverless |
--- | ||
|
||
|
||
# Data Source: privatelink_endpoint_serverless |
# Data Source: privatelink_endpoint_serverless | |
# Resource: privatelink_endpoint_serverless |
|
||
* `project_id` - (Required) Unique 24-digit hexadecimal string that identifies the project. | ||
* `instance_name` - (Required)Human-readable label that identifies the serverless instance. | ||
* `endpoint_id` - (Required) Unique 22-character alphanumeric string that identifies the private endpoint's network interface. Atlas supports AWS private endpoints using the [|aws| PrivateLink](https://aws.amazon.com/privatelink/) feature. |
* `endpoint_id` - (Required) Unique 22-character alphanumeric string that identifies the private endpoint's network interface. Atlas supports AWS private endpoints using the [|aws| PrivateLink](https://aws.amazon.com/privatelink/) feature. | |
* `endpoint_id` - (Required) Unique 22-character alphanumeric string that identifies the private endpoint's network interface. Atlas supports AWS private endpoints using the [AWS PrivateLink](https://aws.amazon.com/privatelink/) feature. |
## Argument Reference | ||
|
||
* `project_id` - (Required) Unique 24-digit hexadecimal string that identifies the project. | ||
* `instance_name` - (Required)Human-readable label that identifies the serverless instance. |
* `instance_name` - (Required)Human-readable label that identifies the serverless instance. | |
* `instance_name` - (Required) Human-readable label that identifies the serverless instance. |
## Attributes Reference | ||
|
||
In addition to all arguments above, the following attributes are exported: | ||
* `endpoint_id` - Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [|aws| PrivateLink](https://aws.amazon.com/privatelink/) feature. |
* `endpoint_id` - Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [|aws| PrivateLink](https://aws.amazon.com/privatelink/) feature. | |
* `endpoint_id` - Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [AWS PrivateLink](https://aws.amazon.com/privatelink/) feature. |
Thanks for quick turnaround @martinstibbe. Few more minor doc edits, otherwise LGTM!
|
||
* `project_id` - (Required) Unique 24-digit hexadecimal string that identifies the project. | ||
* `instance_name` - (Required) Human-readable label that identifies the serverless instance | ||
* `endpoint_id` - (Required) Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [|aws| PrivateLink](https://aws.amazon.com/privatelink/) feature. |
* `endpoint_id` - (Required) Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [|aws| PrivateLink](https://aws.amazon.com/privatelink/) feature. | |
* `endpoint_id` - (Required) Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [AWS PrivateLink](https://aws.amazon.com/privatelink/) feature. |
Each object in the `results` array represents an online archive with the following attributes: | ||
* `cloud_provider_endpoint_id` - Unique string that identifies the private endpoint's network interface. | ||
* `comment` - Human-readable string to associate with this private endpoint. | ||
* `endpoint_id` - (Required) Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [|aws| PrivateLink](https://aws.amazon.com/privatelink/) feature. |
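Review bot: The intro line for `results` says each object "represents an online archive", which reads as text carried over from the Online Archive docs; on this page it should say each object represents a serverless private endpoint. The `endpoint_id` entry in the same list is also marked "(Required)" even though it sits under the attributes returned in `results`, so the marker should be dropped there.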
* `endpoint_id` - (Required) Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [|aws| PrivateLink](https://aws.amazon.com/privatelink/) feature. | |
* `endpoint_id` - (Required) Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [AWS PrivateLink](https://aws.amazon.com/privatelink/) feature. |
LGTM
Code looks good - docs still need some work, including comments made in last review that are not yet addressed. Thanks!
This feature is not available for M0 free clusters, M2, and M5 clusters. To learn more about which features are unavailable, see [Atlas M0 (Free Cluster), M2, and M5 Limitations.](https://www.mongodb.com/docs/atlas/reference/free-shared-limitations/#std-label-atlas-free-tier) | ||
## Example Usage | ||
|
||
### Basic |
More a nit but if there's a "Basic" I expect an advanced option. But this doesn't really have an advanced option. Not blocking but probably better to remove it or rename it something like "AWS Example".
provider_name = "AWS" | ||
} | ||
|
||
|
This is still missing the AWS block. Azure has one so just need this like that.
name = "test-db" | ||
provider_settings_backing_provider_name = "AZURE" | ||
provider_settings_provider_name = "SERVERLESS" | ||
provider_settings_region_name = "US_EAST_1" |
Azure doesn't have a US_EAST_1.
provider_settings_region_name = "US_EAST_1" | |
provider_settings_region_name = "US_EAST" |
name = "test-db" | ||
provider_settings_backing_provider_name = "AZURE" | ||
provider_settings_provider_name = "SERVERLESS" | ||
provider_settings_region_name = "US_EAST_1" |
There is no US_EAST_1 in Azure: https://www.mongodb.com/docs/atlas/reference/microsoft-azure/#std-label-microsoft-azure
provider_settings_region_name = "US_EAST_1" | |
provider_settings_region_name = "US_EAST" |
## Attributes Reference | ||
|
||
In addition to all arguments above, the following attributes are exported: | ||
* `endpoint_id` - Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [AWS PrivateLink](https://aws.amazon.com/privatelink/) feature. |
Since both AWS and Azure just remove the AWS comment. Also id returned is 24 - copied this from the original docs: https://www.mongodb.com/docs/atlas/reference/api-resources-spec/#tag/Serverless-Private-Endpoints/operation/returnAllPrivateEndpointsForOneServerlessInstance
* `endpoint_id` - Unique 22-character alphanumeric string that identifies the private endpoint. Atlas supports AWS private endpoints using the [AWS PrivateLink](https://aws.amazon.com/privatelink/) feature. | |
* `endpoint_id` - Unique 24-hexadecimal digit string that identifies the private endpoint. |
|
||
* `project_id` - (Required) Unique 24-digit hexadecimal string that identifies the project. | ||
* `instance_name` - (Required) Human-readable label that identifies the serverless instance. | ||
* `endpoint_id` - (Required) Unique 22-character alphanumeric string that identifies the private endpoint's network interface. Atlas supports AWS private endpoints using the [AWS PrivateLink](https://aws.amazon.com/privatelink/) feature. |
Similar to above - remove AWS. Also 24, not 22:
* `endpoint_id` - (Required) Unique 22-character alphanumeric string that identifies the private endpoint's network interface. Atlas supports AWS private endpoints using the [AWS PrivateLink](https://aws.amazon.com/privatelink/) feature. | |
* `endpoint_id` - (Required) Unique 24-hexadecimal digit string that identifies the private endpoint. | |
LGTM! Thanks!
* INTMDB-444: Add support for termination protection enabled feature (#912)
* Initial commit of termination_protection_enabled support
* Lint dead code removal
* INTMDB-364 Add support for serverless private endpoints (AWS + Azure) (#913)
* Add support for serverless private endpoints
* Correct lint error
* Update 1.5.0-upgrade-guide.html.markdown
* Update 1.5.0-upgrade-guide.html.markdown
* Add documentation for serverless endpoints
* Update Schema timeout values
* Update documentation
* Add privatelink_endpoints_service_serverless datasource and documentation
* Fix lint error
* Add support for Azure private endpoints
* Provide additional examples for AWS and AZURE standardize parameter cloud_provider_endpoint_id
* Additional examples
* Tidy up docs
* Update Doc region for Azure
* Add AWS aws_vpc_endpoint to link to mongodbatlas_privatelink_endpoint_service_serverless
* Remove Extra note

Co-authored-by: Zuhair Ahmed <[email protected]>
Co-authored-by: Zuhair Ahmed <[email protected]>
Description
Add support for serverless private endpoints (AWS)
Link to any related issue(s):
Type of change:
Required Checklist:
Further comments