POLICY_ID wrongly described in docs?

MongoDB Atlas App Services & Realm
#1

The api spec states that it requires a 24 char hexadecimal string. When I try this I get the following 400 error

{"detail":"The policy id 000000000000000000000001 is invalid.","error":400,"errorCode":"INVALID_POLICY_ID","parameters":["000000000000000000000001"],"reason":"Bad Request"}%

My curl request looks as follows

curl --user "\<public-api-key\>:\<private-api-key\><private-api-key>" --digest --include \
  --header "Accept: application/json" \
  --header "Content-Type: application/json" \
        >   --request PATCH "https://cloud.mongodb.com/api/atlas/v1.0/groups/<redacted\>/clusters/\<redacted>/backup/schedule" \
  --data '
  {
   "referenceHourOfDay": 12,
   "referenceMinuteOfHour": 30,
   "policies": [
   {
     "id": "000000000000000000000001",
     "policyItems": [
       {
         "frequencyType": "HOURLY",
         "frequencyInterval": 6,
         "retentionValue": 2,
         "retentionUnit": "DAYS"
       }
     ]
   }
 ],
 "updateSnapshots": true,
 "autoExportEnabled" : true
}'

I get the same error when using the Cloudformation resource as follows:

    new CfnResource(this, 'mongodb_backup_schedule', {
      type: 'MongoDB::Atlas::CloudBackupSchedule',
      properties: {
        ProjectId: mongoproject.ref,
        ClusterName: "<redacted>",
        UseOrgAndGroupNamesInExportPrefix: true,
        AutoExportEnabled: "false",
        ApiKeys: {
          PublicKey: '{{resolve:secretsmanager:atlas/<redacted>/apiKey:SecretString:publicKey}}',
          PrivateKey: '{{resolve:secretsmanager:atlas/<redacted>/apiKey:SecretString:privateKey}}',
        },
        "Policies": [
          {
            "ID": "000000000000000000000001",
            "PolicyItems": [
              { 
                "FrequencyInterval": 6,
                "FrequencyType": "hourly",
                "RetentionUnit": "days",
                "RetentionValue": 7
              }
            ]
          }
        ],
        ReferenceHourOfDay: "0",
        ReferenceMinuteOfHour: "0",
        RestoreWindowDays: "1",
      },
    });

resulting in:

Resource handler returned message: "Error updating cloud backup schedule : PATCH https://cloud.mongodb.com/api/atlas/v1.0/groups/<redacted>/clusters/<redacted>/backup/schedule: 400 (request "INVALID_POLICY_ID") The policy id 000000000000000000000001 is invalid." (RequestToken: 2493f47d-d21d-8ca4-179c-e6874210c26d, HandlerErrorCode: InvalidRequest)

Can someone tell me what the correct constraints for the POLICY_ID are?
I’m basing my code on api spec described here MongoDB Atlas Administration API

Kind regards

#4

Hey @Maarten_Suetens,

Welcome to the MongoDB Community Forums! :leaves:

Is "000000000000000000000001" the actual value used in the request? If not, have you tried using the policies.id value provided in the response of the Return One Cloud Backup Schedule?

Please let us know if this helps or not. Feel free to reach out for anything else as well.

Regards,
Satyam

1 Like
#5

Hey Satyam,

‘000000000000000000000001’ is the value I used, but I have tried with several 24-char hexadecimal values.

Regarding the return value:
I am trying to create this via CDK(cloudformation) and the policy.id is only known after creation, but the creation fails because I’m not providing a correct ID.

Kind regards
Maarten

#6

Hey @Maarten_Suetens,

You have stated the "policy.id" is known after creation - Is there a reason you are not using this "policy.id"? Additionally, when you refer to creation, do you mean creating/enabling the backups or creating a cluster? When backups are enabled, there is a default backup policy already (I.e. a "policy.id" already exists). Using the Return One Cloud Backup Schedule API provides the "policy.id" value which you can use in the Update Cloud Backup Schedule for One Cluster API which you had linked previously:

Additionally, are you thinking to define the default backup policy for when backups are enabled for a cluster (at creation)? If so, there is a feedback that you can upvote. But as of now, this feature is not supported. You can read about this feedback here: Define Default Backup Policy

Regards,
Satyam

#7

Hey @Satyam

Thank you, this is clearing a lot up for me. I did not know that enabling backups installs a default backup policy whose ID I needed to provide. I was under the impression that Adding a policy would create the ID.

We create the cluster using cloudformation resources as described here

We create the cluster as follows:

    new CfnResource(this, 'mongo_cluster', {
      type: 'MongoDB::Atlas::Cluster',
      properties: {
        Name: '<redacted>',
        ProjectId: mongoproject.ref,
        ApiKeys: {
          PublicKey: '{{resolve:secretsmanager:atlas/<redacted>/apiKey:SecretString:publicKey}}',
          PrivateKey: '{{resolve:secretsmanager:atlas/<redacted>/apiKey:SecretString:privateKey}}',
        },
        MongoDBMajorVersion: "6.0",
        AdvancedSettings: {
          DefaultReadConcern: 'available',
          DefaultWriteConcern: '1',
          JavascriptEnabled: 'true',
          MinimumEnabledTLSProtocol: 'TLS1_2',
          NoTableScan: 'false',
          OplogSizeMB: '4000',
          SampleSizeBIConnector: '110',
          SampleRefreshIntervalBIConnector: '310',
        },
        BiConnector: {
            ReadPreference: "secondary",
            Enabled: "true"
        },
        BackupEnabled: 'true',
        ClusterType: 'REPLICASET',
        ReplicationSpecs: [
          {
            NumShards: '1',
            AdvancedRegionConfigs: [advancedRegionConfig],
          },
        ],
      },
    });

How would we be able to get the POLICY_ID from this resource? It does not seem to be listed among the return values

Kind regards

#8

Hey @Maarten_Suetens,

Can you run the API described here: Return One Cloud Backup Schedule? The result of this API should contain policies.id.

Regards,
Satyam