Currently, when attempting to revoke a lease, Vault will pull down the API Keys from MongoDB Atlas, search for a match, if a match is found, the lease is revoked. If there is no match, this error occurs:
2023-10-12T15:53:00.061-0400 [ERROR] expiration: failed to revoke lease: lease_id=mongodbatlas/creds/test/elexDw4rwGo7AmkoIy5u3t8T error="failed to revoke entry: resp: (*logical.Response)(nil) err: missing roles on programmatic key " attempts=2 next_attempt=40.050656014s
The reason for this error is that Vault is only pulling these down from Mongo in 100 item batches (the default from the mongo api).
This PR accomplishes two goals. 1) It improves the error messaging in the case described above 2) It increases that max batch size to 500 (the currently defined max from MongoDB Atlas).
Overview
Currently, when attempting to revoke a lease, Vault will pull down the API Keys from MongoDB Atlas, search for a match, if a match is found, the lease is revoked. If there is no match, this error occurs:
The reason for this error is that Vault is only pulling these down from Mongo in 100 item batches (the default from the mongo api).
This PR accomplishes two goals. 1) It improves the error messaging in the case described above 2) It increases that max batch size to 500 (the currently defined max from MongoDB Atlas).
Contributor Checklist