terraform-provider-mongodbatlas
terraform-provider-mongodbatlas copied to clipboard
How do I create Organization API Key with Organization Billing Admin permission and Project Read Only for projects
Until 1.10.0, I create an organization API key using mongodbatlas_api_key
and api_keys
parameter of mongodbatlas_project
to get the organization API key with "Organization Billing Admin" permission and "Project Read Only" permission for multiple projects as following.
resource "mongodbatlas_api_key" "test" {
org_id = "<ORG ID>"
role_names = ["ORG_BILLING_ADMIN"]
}
resource "mongodbatlas_project" "test1" {
name = "project-1"
org_id = "<ORG ID>"
api_keys {
api_key_id = mongodbatlas_api_key.test.api_key_id
role_names = ["GROUP_READ_ONLY"]
}
}
resource "mongodbatlas_project" "test2" {
name = "project-2"
org_id = "<ORG ID>"
api_keys {
api_key_id = mongodbatlas_api_key.test.api_key_id
role_names = ["GROUP_READ_ONLY"]
}
}
In the mongodbatlas provider 1.10.0, api_keys
of mongodbatlas_project
is deprecated, and mongodbatlas_project_api_key
comes. I'm sure mongodbatlas_project_api_key
and its project_assignment
cannot create such API key. How do I create it after 1.10.0?
Terraform CLI and Terraform MongoDB Atlas Provider Version
/opt/terraform # terraform providers
Providers required by configuration:
.
└── provider[registry.terraform.io/mongodb/mongodbatlas] 1.10.0
Terraform Configuration File
# Copy-paste your configuration info here
Steps to Reproduce
Expected Behavior
Actual Behavior
Debug Output
Crash Output
Additional Context
References
Thanks for opening this issue. The ticket INTMDB-898 was created for internal tracking.
Hi, as part of 1.10.0, we've consolidated management of Programmatic API keys in the mongodbatlas_poroject_api_key
resource. See https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/guides/Programmatic-API-Key-upgrade-guide-1.10.0 for an upgrade guide for how to move from existing projects that were managing api keys via mongodbatlas_project
In addition, we have a number of examples in https://github.com/mongodb/terraform-provider-mongodbatlas/tree/master/examples/atlas-api-key - feel free to reach out if there's a particular example or clarifiication thats needed here.
Thanks for your advice. I understand the process of migrating existing API key based on the suggested document. However, how do I create a new API key with Organization Billing Admin permission and Project Read Only for projects?
We have the same issue. project_assignment
is not know by terraform so it's not working. That's really a blocking point guys.
Thanks for the additional context. We're currently investigating & looking into a fix here. Please follow the linked ticket for more details.
shirakiya just as an update this is on our roadmap, but still several quarters away. will leave this github issue open in the interim. internal tracking ticket CLOUDP-192770
Issue has since been resolved CLOUDP-192770! closing this issue and feel free to open new ticket in case you need anything else. thank you
Updating this issue as it is still relevant. For context this issue did have a PR that was merged https://github.com/mongodb/terraform-provider-mongodbatlas/pull/1369 but then reverted https://github.com/mongodb/terraform-provider-mongodbatlas/pull/1416 due to a limitation encountered at that time.
We currently have the following internal ticket CLOUDP-215112 (alias to INTMDB-898) to track work related to this limitation.