New Major Version of Terraform MongoDB Atlas Provider
Last summer we announced the first HashiCorp-verified Terraform MongoDB Atlas Provider at MongoDB .local London. Since then we’ve had a tremendous response from customers working towards and achieving continuous deployment with MongoDB Atlas and Terraform. Driven by demand and customer feedback, we have been busy working on a new release and are excited to share that as of today, version 0.4.0 of the Terraform MongoDB Atlas Provider is generally available. This new version greatly expands the MongoDB Atlas API resources supported.
Terraform and MongoDB Atlas
Last year we saw an uptick in development teams moving towards continuous delivery models, and that has only grown since our announcement of the first version of our Terraform Provider. These teams continue to move away from legacy infrastructure management and towards defining their infrastructure as code, creating and modifying what is needed for an application as the code is deployed.
This group has also continued to express a strong preference for HashiCorp Terraform as their infrastructure as code (IaC) service of choice. Because Terraform has support for most of the major cloud providers and services via a plugin-based architecture, we expect that demand to remain strong and continue to grow. That’s why we’ve continued to work with DigitalOnUs to ensure we enable success for those on the cutting edge of continuous deployment with MongoDB Atlas and Terraform.
So What’s New?!
The first major version of the Terraform MongoDB Atlas Provider included support for much of the core MongoDB Atlas functionality; Projects, Database Users, Project IP Whitelisting, Clusters, Cloud Provider Snapshots, Network Peering and Encryption at Rest. This newest version adds in significantly more Atlas feature support, including the ability to manage the following via Terraform:
- Teams - create teams for your organization and then assign them, with appropriate roles, to your projects. This makes it easier to grant roles and access to multiple users at once.
- Auditing - enable auditing and define filters for actions, including database authentication events.
- Maintenance Windows - configure the day and time of the week for when Atlas should start non-urgent maintenance on your cluster.
- Alert Configuration - define alert conditions and destinations.
- Global Cluster Configuration - the ability to configure a Global Cluster already existed in the provider, but we’ve now expanded coverage to include the ability to add, remove, and retrieve managed namespaces and custom zone mappings associated with your Global Clusters.
- Custom Roles - create a custom MongoDB Atlas database user role with a set of actions which cannot be described by the built-in Atlas database user privileges.
We also added support for two new Atlas features:
- X.509 database authentication - manage database users who authenticate using X.509 certificates.
- AWS PrivateLink - create Atlas Private Endpoints to use with AWS PrivateLink.
In addition, we’ve improved how the Project IP Whitelist works and added support for AWS Security Groups. Previously, the entire Project IP Whitelist was defined in a single Terraform resource. Here’s an example:
resource "mongodbatlas_project_ip_whitelist" "test" {
 project_id = <PROJECT-ID>

 whitelist {
 cidr_block = "1.2.3.4/32"
 comment = "cidr block for tf acc testing"
 }
 whitelist {
 ip_address = "2.3.4.5"
 comment = "ip address for tf acc testing"
 }
 whitelist {
 cidr_block = "3.4.5.6/32"
 comment = "cidr block for tf acc testing"
 }
 whitelist {
 ip_address = "4.5.6.7"
 comment = "ip address for tf acc testing"
 }
 }


To make it easier to modify all types of Project IP Whitelist entries with minimal impact, you can now define each IP whitelist entry as its own resource. Here’s an example:
resource "mongodbatlas_project_ip_whitelist" "test" {
 project_id = <PROJECT-ID>
 cidr_block = "1.2.3.4/32"
 comment = "cidr block for tf acc testing"
} 
resource "mongodbatlas_project_ip_whitelist" "test2" {
 project_id = <PROJECT-ID>
 ip_address = "2.3.4.5"
 comment = "ip address for tf acc testing"
}
resource "mongodbatlas_project_ip_whitelist" "test3" {
 project_id = <PROJECT-ID>
 cidr_block = "3.4.5.6/32"
 comment = "cidr block for tf acc testing"
}
resource "mongodbatlas_project_ip_whitelist" "test4" {
 project_id = <PROJECT-ID>
 ip_address = "4.5.6.7"
 comment = "ip address for tf acc testing"
}


And after you’ve configured peering you can now add an AWS Security Group to your IP Whitelist as well:
resource "mongodbatlas_project_ip_whitelist" "test" {
 project_id = "<PROJECT-ID>"
 aws_security_group = "sg-0026348ec11780bd1"
 comment = "TestAcc for awsSecurityGroup"

 depends_on = ["mongodbatlas_network_peering.test"]
}

All of this is on top of a heap of continuous improvements we’ve made to the existing resources and documentation since last summer!
When you are ready to add these new resources to your Terraform Configuration File, the MongoDB Atlas Provider documentation has all the examples and details you’ll need to get started. Since we are a verified, official Terraform Provider, upgrading is incredibly easy. We’ve written a quick guide to ensure you know just what to expect. If you need assistance with the provider, support is covered with your MongoDB Atlas Support Plan, starting with the Developer plan.
What’s Next?
We’ll continue to add new features and functionality to the Terraform MongoDB Atlas Provider primarily based on your feedback. If you have an idea or feature you’d like to see us support in the Provider, please see if it’s listed yet in our new feedback portal. If so, give it a vote and if not, please add it! If you find a bug, please submit it as an issue in our repo. Otherwise, feel free to reach out directly to me (melissa.plunkett@mongodb.com) about Terraform, MongoDB Atlas or what has you excited in the world of continuous deployment.