Terraform and Vault are coming to MongoDB Atlas

Melissa Plunkett
July 23, 2019 | Updated: September 11, 2019
#Terraform#Vault

Adding to all of the great stuff we covered at MongoDB World last month we also had announcements about new ways for users to work with MongoDB Atlas and Hashicorp's Terraform and Vault.

TLDR: We are developing a Terraform Provider for MongoDB Atlas to make infrastructure deployment simpler and a Vault Secrets Engine for MongoDB Atlas to enhance and integrate credential and key management.

Terraform and MongoDB Atlas

As development teams strive towards continuous delivery, being able to include infrastructure deployment in code has increasingly become a must-have. Infrastructure as code deployment technology is a fast moving field, but Terraform has stood out with the community as a popular and effective tool for infrastructure. It supports most of the major cloud providers and services via a plugin-based architecture. These plugins are called Providers.

MongoDB is creating a Terraform Provider for MongoDB Atlas with a roadmap which includes full Atlas support for DB Users, Projects, IP Whitelisting, Clusters, Cloud Provider Snapshots, Network Peering and Encryption at Rest. The provider will allow you to easily add MongoDB Atlas to your existing Terraform configurations.

Vault and MongoDB Atlas

The management of keys and secrets involved in operating infrastructure and applications is also a pain point for many, especially as more orgs move to Cloud first. Hashicorp's Vault is a Cloud ready solution to that problem and Vault already has a database Secrets Engine which offers MongoDB server compatibility. It does not, though, work with MongoDB Atlas. This is why we are developing a Vault Secrets Engine for MongoDB Atlas.

The Vault Secrets Engine for MongoDB Atlas will allow you to control the lifecycle (lease, renew, revoke) of your MongoDB database users and programmatic API keys in MongoDB Atlas. This gives you the ability to easily control the dynamic creation and destruction of your most valuable Atlas secrets while following industry best security practices. Like the Terraform Provider, it is another step toward a truly automated continuous delivery cycle.

Delivering Terraform and Vault Support

Development of the Provider and Secrets Engine by DigitalOnUs for MongoDB is already well underway and we can see the finish line. In fact we recently made both GitHub repos open so you can follow our progress: Terraform Provider and Vault Secrets Engine. As required of all Providers and Engines, both code repositories are licensed under the MPL 2.0 open source license. These repos have also been provided to Hashicorp, along with the resources they need, to be tested and approved so they can both be added as official plugins, making installation of both a breeze and allowing them to be listed with their documentation on the appropriate Hashicorp web location.

If you’d like to be kept up to date on the progress from here please complete this short survey to be added to our notification list and we’ll keep you in the loop.

← Previous

MongoDB PHP Library 1.4.3 has change stream fixes

Version 1.4.3 of the MongoDB PHP library is now available and includes fixes related to resuming a change stream.

July 19, 2019
Next →

Women Leaders at MongoDB: Lena Smart Discusses Clarity and Goal Setting

March is Women’s History Month. Our women leaders series highlights MongoDB women who are leading teams and empowering others to own their career development and build together. Lena Smart, Chief Information Security Officer, explains why words matter, shares her thoughts on leadership, and discusses MongoDB’s internal mentorship program “MentorHER”. Tell me a bit about your team. My team is responsible for all aspects of security of MongoDB’s global offices and employees. Within my organization I have Governance, Risk and Compliance (GRC) and InfoSec (security engineering, physical security, etc.) under me. We are dedicated to making every effort to protect customer data, including continually improving security processes and controls. On top of that, we are committed to delivering the highest levels of standards conformance and regulatory compliance as part of our ongoing mission to address the most demanding security and privacy requirements of our customers. My goal is to build the best security and GRC team in the world. What characteristics make a good leader? In my opinion, good leaders are decisive and leave little room for ambiguity. They are understanding and know that people are depending on them for their careers, dreams, and aspirations. They make their work matter every day, are focused on continuous learning, and do not “rest on their laurels.” What has your experience been like as a woman growing your career in leadership? My experience as a woman leader has depended on the environment. It was very difficult as a CIO and CISO in the power industry. Every day I felt like I was being undermined by my peers, who (because they were all “power industry engineers”) felt they were the experts in everything to do with security (they were not). It was exhausting. I finally left and joined a FinTech company. That was better, but I still felt I could find an environment where women were actively encouraged to lead. Hence my move to MongoDB. I could not be happier here and love working with all our teams. Tell us about the biggest lesson you’ve learned throughout your career. The biggest lesson I’ve learned is that words matter. As a leader, people can interpret your words in many ways. Be clear in your message. I have a mantra on our team: “one voice, one message”. I encourage my team members to have all the internal discussion they want, but we do not ever air our dirty laundry in public. We stand with “one voice, one message”. People in general like clarity, and we try hard to enforce that idea within my team by encouraging each person to own what they do. What’s your advice for building and developing a team? I believe cultivating a supportive and positive team culture stems from the top down. I really embrace and follow MongoDB’s company values . Build Together is the main value I follow because, to me, people are everything. You need the right people in the right places owning what they do. I am also a huge advocate for people taking the initiative and building upon their own careers. I make sure to set aside a budget for training and certification programs for my team. This allows them to enhance their knowledge and helps them grow and develop into even stronger security and GRC professionals. I also started the Security Champions Program at MongoDB almost four years ago, a volunteer-based program that allows anyone who has an interest in security to join monthly meetings to learn more. Can you tell us a bit about the MentorHER program at MongoDB? I am honored to be the Executive Sponsor for a very important internal program called MentorHER. MentorHER aims to create diverse teams, develop female leaders, drive organizational changes, and enhance MongoDB’s reputation as an employer of choice. I’ve had a couple of mentors who made a positive impact on my career. I cherished our time together and made sure to have a clear understanding of the mentoring program I signed up for. There were goals, regular meetings, and a lot of positivity generated by mentoring. I hope we can replicate that at MongoDB with our MentorHER program. We have a very strong team leading the program, and I feel very confident that we will meet our goals and embrace the different experiences and perspectives of the women around us. What is your advice to women looking to grow their careers as leaders? My advice to other women is this: be clear and honest in what you want from a leadership role. At the C-suite level you will be pulled in many directions. Control that, from the start, where possible. It’s important to be intellectually honest and have clear goals that will help your team grow and mature, and the business flourish. Join a team that builds together every day. View open career opportunities at MongoDB.

March 27, 2023