antonbabenko / terraform-best-practices

Terraform Best Practices free ebook translated into 🇬🇧🇦🇪🇧🇦🇧🇷🇫🇷🇬🇪🇩🇪🇬🇷🇮🇱🇮🇳🇮🇩🇮🇹🇯🇵🇰🇷🇵🇱🇷🇴🇨🇳🇪🇸🇹🇷🇺🇦🇵🇰
https://www.terraform-best-practices.com/
Other
2.07k stars 431 forks source link

Terraform Mongo imported service account password challenge #61

Closed Natarajan77 closed 1 month ago

Natarajan77 commented 1 month ago

We created service account in mongo by not using terraform. We imported the user in terraform. Challenge here is we want to keep the password in the terraform state file same as when it was created by hand. If we run below resources, random_password resource will generate new password and assign it to password which will change in database and statefile. We want to have the same password first time generated when the user was created to be in the state file.

resource "random_password" "mongoserviceaccount" { length = 16 lower = true upper = true numeric = true min_lower = 4 min_upper = 4 min_numeric = 4 special = false }

resource "mongodbatlas_database_user" "mongoserviceaccount" { username = "mongoserviceaccount" password = random_password.mongoserviceaccount.result project_id = var.project_id auth_database_name = "admin"

roles { database_name = "admin" role_name = "readWriteAnyDatabase" } scopes { name = var.clustername type = "CLUSTER" } }

output "key_mongoserviceaccount" { value = mongodbatlas_database_user.mongoserviceaccount.username }

output "secret_mongoserviceaccount" { value = random_password.mongoserviceaccount.result sensitive = true }

antonbabenko commented 1 month ago

Sorry, this is the wrong place to open such an issue. Consider asking on StackOverflow or other places.