If you don’t already use MongoDB Atlas, sign up for an account today. Distributed and secure by default, MongoDB Atlas is a global cloud database service available on AWS, Azure, and Google Cloud.
To use the HashiCorp Terraform MongoDB Atlas Provider, you will first need to configure it with the proper credentials. Provide your credentials for authentication via static credentials or environment variables, then simply define your desired Atlas resources.
Once you’ve created your MongoDB Atlas account and configured your Terraform environment, you’re all set!
MongoDB Atlas is the global cloud database service for modern applications. Deploy fully managed MongoDB across AWS, Azure, or Google Cloud with best-in-class automation and proven practices that guarantee availability, scalability, and compliance with security standards. Use MongoDB’s robust ecosystem of drivers, integrations, and tools to build faster and spend less time on operations and database administration.
With Atlas, you can easily deploy, update, and manage MongoDB configurations as code through Terraform.
HashiCorp is a cloud infrastructure automation software company whose suite of tools enable organizations to provision, secure, connect, and run any infrastructure for any application. HashiCorp is the creator of the tools Vagrant, Packer, Terraform, Vault, Consul and Nomad. The HashiCorp suite unlocks the cloud operating model for every business and enables their digital transformation strategies to succeed.
HashiCorp Terraform is a tool which provides a foundation for cloud infrastructure automation using infrastructure as code for provisioning and compliance in the cloud operating model. Operators can easily provision and manage any infrastructure with one workflow and on-demand using a library of approved infrastructure modules.
Terraform is offered both as an open source and enterprise solution, with the enterprise product building on the open source to address organizational challenges and complexity.
In order for Terraform to create, manage, and update infrastructure resources, customers must use a Terraform provider. A provider is a plugin responsible for understanding both the Terraform and provider’s APIs and exposing the provider’s resources. Providers are generally an IaaS (e.g., AWS, Azure, GCP), PaaS (e.g., Heroku), or SaaS service (e.g., CloudFlare).
Terraform users can opt to use either a verified provider or a community provider. The former are primarily supported by the vendor in close collaboration with HashiCorp, who verifies the provider and regularly tests it. Verified providers that are configured by the user in their code are automatically loaded when Terraform is initialized. The latter can be created by anyone in the community and must be installed manually.
Currently, there is no official plugin for using HashiCorp Terraform with non-Atlas MongoDB deployments. If you already run MongoDB on the cloud, in your data center, or with a third-party database-as-a-service provider, learn how you can migrate to MongoDB Atlas to use the HashiCorp Terraform MongoDB Atlas Provider.
The HashiCorp Terraform MongoDB Atlas Provider supports most resources available in the MongoDB Atlas API, including projects, clusters, database users, IP access lists, network peerings, Cloud Backup policies, and more.
For the most up to date list of resources, see the Terraform Docs.
Let us know! Click here to leave feedback.
The HashiCorp Terraform MongoDB Atlas Provider code is hosted in the MongoDB GitHub repo and community members are welcome to contribute to the project and submit bug reports and fixes. MongoDB will maintain and update the Terraform MongoDB Atlas Provider.
The MongoDB Cloud Support team will be available to help troubleshoot any issues related to MongoDB Atlas and the Provider as part of a customer’s current support contract for Atlas Developer plans and higher.
In addition to the HashiCorp Terraform MongoDB Atlas Provider, MongoDB offers two other automation tools built on top of the Atlas API: the MongoDB Command Line Interface (mongocli) and the MongoDB Atlas Resource Provider for AWS CloudFormation (currently in early beta).
There are no official integrations between MongoDB Atlas and other infrastructure as code tools such as Chef, Puppet, or Ansible.
HashiCorp Terraform is often listed alongside Chef, Puppet, Ansible, CloudFormation, and other tools under the category of infrastructure as code. However, the IaC label actually includes several distinct capabilities, each with different approaches and implications.
The biggest difference is that Chef, Puppet, and Ansible are configuration management tools, which means they primarily install and manage software on existing servers. HashiCorp Terraform and CloudFormation, on the other hand, are primarily provisioning tools, which means they provision the servers themselves, as well as other parts of your infrastructure like load balancers, databases, and networking configurations.
Companies may use several infrastructure as code tools together to automate provisioning, configuration management, server templating, and orchestration. For example, some use HashiCorp Terraform, Packer, Docker, and Kubernetes together for provisioning, server templating, and orchestration. This article by Gruntwork offers a great summary of the key differences between infrastructure as code tools and common combinations that companies use.
Organizations using Kubernetes can use the MongoDB Atlas Open Service Broker to deploy, manage, and access Atlas on their cloud platform of choice.
Yes. MongoDB also offers two official, HashiCorp-approved MongoDB Atlas Secrets Engines for HashiCorp Vault:
The MongoDB Atlas Secrets Engine generates unique, ephemeral programmatic API keys for MongoDB Atlas with assigned roles and permissions, along with IP whitelists to restrict individual key access. Project IP whitelists in Atlas do not cover API keys, so each API key must have an associated IP whitelist.
The MongoDB Atlas Database Secrets Engine generates unique, ephemeral database users for MongoDB Atlas projects, which can be managed programmatically in HashiCorp Vault. This secrets engine already existed for self-managed MongoDB users, but we made a new secrets engine to support MongoDB Atlas customers.
These two secrets engines can be used independently or together to help manage database security and access for MongoDB Atlas.