Closed Throckmortra closed 4 years ago
@Throckmortra without more information on what was included and the project this is hard to track down. Would communicating directly via email work for you? melissa.plunkett@mongodb.com or communicate directly via the Atlas support portal to our team and we can see what's going on? I've also included a longer guide here: https://www.mongodb.com/blog/post/manage-atlas-database-secrets-hashicorp-vault
I will add that we've seen some interesting errors when putting the creation statement on more than one line so also try changing it to one line:
creation_statements='{ "database_name": "admin", "roles [{"databaseName":"admin","roleName":"atlasAdmin"}]}'
thanks Melissa I will email you
Update:
The error message from Atlas is now more clear. If anyone encounters an error like:
POST https://cloud.mongodb.com/api/atlas/v1.0/groups/GROUPID/databaseUsers: 400 (request "Bad Request") The specified username v-user.name-admin-RANDOMSTRING-RANDOMSTRING is not valid for an Atlas database user.
It means that the username the vault command is run under has a special character in it that Atlas does not allow for database usernames, e.g. the period in the name above. Atlas database username can only contain ASCII letters, numbers, hyphens, and underscores, and should begin with a letter or number so if your Vault username does not adhere to this requirement the request will fail.
Current workaround is to use with a Vault username that adheres to the standard.
We are also investigating an option to properly handle this situation.
cc @thetonymaster
Fix merged and will be in 1.4.2. @Throckmortra please let us know if experience any further issues after that release. Thanks!
thank you so much @themantissa !
Fixed in #9
Hi, when following along with the docs here: https://www.vaultproject.io/docs/secrets/databases/mongodbatlas/
I'm getting this error:
I'm running vault 1.4