awscdk-resources-mongodbatlas
awscdk-resources-mongodbatlas copied to clipboard
CfnCloudBackupSnapshotExportBucket requires iamRoleId, but it is unclear how to create this id / its creation does not seem to be supported in CDK.
Is your feature request related to a problem? Please describe.
Looking at the documentation for creating a snapshot extract bucket (https://github.com/mongodb/awscdk-resources-mongodbatlas/tree/ef4c0a5d15e15cac3a4f96d524aaf98e4a6966fa/src/l1-resources/cloud-backup-snapshot-export-bucket) this construct requires an iamRoleId
of 24 characters. Using the Admin API, this can be created using the cloudProviderAccess endpoint (https://www.mongodb.com/docs/atlas/reference/api-resources-spec/v2/#tag/Cloud-Provider-Access/operation/createCloudProviderAccessRole) - this is then granted permission with a local IAM role with access to the bucket.
This operation does not appear to exist with the CDK at present, and so creation of a snapshot export bucket is not possible.
Describe the solution you'd like Either update the documentation with a practical example showing how it is possible with the current CDK implementation, or add the cloudProviderAccess endpoint support into the CDK.
Describe alternatives you've considered A mixed approach, using the CDK tools for project creation, and the API for cloud provider access, but with no success.