DocumentDB create users on provisioning


I am looking for a viable approach to create a set of default users with different levels of privileges in a DocumentDB instance (let's say a read-only user, a read/write user, etc.).

I provision using Terraform. I first tried looking for specific Terraform resources, but there are none, since the DocumentDB API does not actually have a user resource (see the Boto3 client: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/docdb.html).

Then I came to the option of running some mongosh commands via the Terraform null_resource and local-exec provisioner... but I don't like that way, since it introduces quite a number of requirements on the machine where the mongosh commands run, as well as extra requirements on the firewall configuration of the DocumentDB.

I would love to solve this issue by providing the DocumentDB instance with a configuration to import (JSON or so...) where my users are listed... not sure if that's feasible.

asked a month ago, 35 views
1 Answer

You should consider looking at some of the community-created MongoDB providers. While I have not tested them, the below provider supports User and Role creation and mutation from Terraform.

Using a provider instead of null resource or local-exec would be preferred.

https://registry.terraform.io/providers/Kaginari/mongodb/latest/docs/resources/database_user

AWS
answered a month ago
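
A sketch of the provider-based approach suggested in the answer above, added here as an example and not taken from the original post or tested against the provider. The argument names (`host`, `port`, `ssl`, `retrywrites`, `auth_database`, `role`) are assumed from the linked provider documentation and should be checked there; `masteruser`, `appdb` and the user names are constructed.

```hcl
terraform {
  required_providers {
    mongodb = { source = "Kaginari/mongodb" }
  }
}

variable "docdb_endpoint" {
  type = string
}

variable "master_password" {
  type      = string
  sensitive = true
}

# Map of user name => password, supplied from a secret store, never hard-coded.
variable "user_passwords" {
  type      = map(string)
  sensitive = true
}

provider "mongodb" {
  host          = var.docdb_endpoint
  port          = "27017"
  username      = "masteruser" # constructed name
  password      = var.master_password
  auth_database = "admin"
  ssl           = true
  retrywrites   = false # DocumentDB does not support retryable writes
}

locals {
  # Constructed defaults: user name => built-in role granted on "appdb" only.
  default_users = {
    app_ro = "read"
    app_rw = "readWrite"
  }
}

resource "mongodb_db_user" "default" {
  for_each      = local.default_users
  auth_database = "admin" # DocumentDB authenticates users against admin
  name          = each.key
  password      = var.user_passwords[each.key]
  role {
    role = each.value
    db   = "appdb"
  }
}
```

The provider connects to the cluster over the MongoDB wire protocol, so the host running Terraform still needs network access to DocumentDB. The user passwords also end up in Terraform state, which has to be stored and access-controlled as a secret.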
