mongodb / mongodbatlas-cloudformation-resources

MongoDB Atlas CloudFormation Resources: Deploy, update, and manage MongoDB Atlas infrastructure as code through AWS CloudFormation
https://www.mongodb.com/atlas/aws-cloudformation
Apache License 2.0

getting error while cdk deploy (following cdk example in repo) #511

Closed dahiyahimanshu closed 1 year ago

dahiyahimanshu commented 1 year ago

import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import { CfnProject } from '@mongodbatlas-awscdk/project';
import { CfnCluster } from '@mongodbatlas-awscdk/cluster';

interface AtlasStackProps {
  readonly orgId: string;
  readonly profile: string;
  readonly projName: string;
  readonly clusterName: string;
  readonly clusterType: string;
  readonly instanceSize: string;
  readonly region: string;
}

export class Mongo3Stack extends cdk.Stack {
  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    const atlasProps = this.getContextProps();

    const projectRes = new CfnProject(this, 'ProjectResource', {
      name: atlasProps.projName,
      orgId: atlasProps.orgId,
      profile: atlasProps.profile
    });

    const clusterRes = new CfnCluster(this, 'ClusterResource', {
      name: atlasProps.clusterName,
      projectId: projectRes.attrId,
      profile: atlasProps.profile,
      clusterType: atlasProps.clusterType,
      backupEnabled: true,
      pitEnabled: false,
      replicationSpecs: [{
        numShards: 1,
        advancedRegionConfigs: [{
          autoScaling: {
            diskGb: {
              enabled: true,
            },
            compute: {
              enabled: false,
              scaleDownEnabled: false,
            },
          },
          analyticsSpecs: {
            ebsVolumeType: "STANDARD",
            instanceSize: atlasProps.instanceSize,
            nodeCount: 3,
          },
          electableSpecs: {
            ebsVolumeType: "STANDARD",
            instanceSize: atlasProps.instanceSize,
            nodeCount: 3,
          },
          readOnlySpecs: {
            ebsVolumeType: "STANDARD",
            instanceSize: atlasProps.instanceSize,
            nodeCount: 3,
          },
          priority: 7,
          regionName: atlasProps.region,
        }]
      }]
    });

  }

  getContextProps(): AtlasStackProps {
    const orgId = this.node.tryGetContext('orgId');
    if (!orgId){
      throw "No context value specified for orgId. Please specify via the cdk context."
    }
    const projName = this.node.tryGetContext('projName') ?? 'test-project-2';
    const profile = this.node.tryGetContext('profile') ?? 'hdahiya2';
    const clusterName = this.node.tryGetContext('clusterName') ?? 'test-cluster';
    const clusterType = this.node.tryGetContext('clusterType') ?? 'REPLICASET';
    const instanceSize = this.node.tryGetContext('instanceSize') ?? "M10";
    const region = this.node.tryGetContext('region') ?? "EU_WEST_1";

    return {
      projName,
      orgId,
      profile,
      clusterName,
      clusterType,
      instanceSize,
      region,
    }
  }
}

The above code, which is taken from the example section, is getting an error on cdk deploy. Please help.


[██████████████▌···········································] (1/4)

6:12:40 PM | CREATE_FAILED        | MongoDB::Atlas::Project | ProjectResource
Properties validation failed for resource ProjectResource with message:
#: extraneous key [Profile] is not permitted
6:12:41 PM | ROLLBACK_IN_PROGRESS | AWS::CloudFormation::Stack | Mongo3Stack
The following resource(s) failed to create: [ProjectResource, CDKMetadata]. Rollback requested by user.
6:12:41 PM | ROLLBACK_IN_PROGRESS | AWS::CloudFormation::Stack | Mongo3Stack
The following resource(s) failed to create: [ProjectResource, CDKMetadata]. Rollback requested by user.
^C

andreaangiolillo commented 1 year ago

Hello @dahiyahimanshu, Thanks for opening the issue.

Could you share the AWS region where you are running the CDK and the version of the MongoDB::Atlas::Project resource that you have activated on your AWS account? Thanks!

dahiyahimanshu commented 1 year ago

Region is : eu-west-1

Version 6 (default)

andreaangiolillo commented 1 year ago

Hi @dahiyahimanshu, Thanks for the quick reply.

We don't have version 6 for MongoDB::Atlas::Project in eu-west-1. The latest version is v1.2.0 (see the attachment). You can see the version in the AWS Console or by running the following command and checking LatestPublicVersion:

aws cloudformation list-types --visibility PUBLIC --type RESOURCE --filters TypeNamePrefix=MongoDB::Atlas::Project
{
    "TypeSummaries": [
        {
            "Type": "RESOURCE",
            "TypeName": "MongoDB::Atlas::Project",
            "TypeArn": "arn:aws:cloudformation:us-east-1::type/resource/bb989456c78c398a858fef18f2ca1bfc1fbba082/MongoDB-Atlas-Project",
            "LastUpdated": "2023-02-21T11:42:49.260000+00:00",
            "Description": "Retrieves or creates projects in any given Atlas organization.",
            "PublisherId": "bb989456c78c398a858fef18f2ca1bfc1fbba082",
            "LatestPublicVersion": "1.12.0",
            "PublisherIdentity": "AWS_Marketplace",
            "PublisherName": "MongoDB",
            "IsActivated": false
        },
........

dahiyahimanshu commented 1 year ago

Thank you for the prompt reply. Much appreciated.

It shows here version 6

What is the underlying Mongo Db version in v1.2.0 please?

andreaangiolillo commented 1 year ago

You see version 6 because you are using a resource in the private registry instead of the public one. Make sure to have MongoDB::Atlas::Project under Activated third-party and that the version is v1.2.0. This page may be helpful: Using the AWS CloudFormation registry.

dahiyahimanshu commented 1 year ago

How can I get rid of privately registered extensions, please?

andreaangiolillo commented 1 year ago

👋 . Here is the process (See Documentation: deregister-type):

aws cloudformation deregister-type  --arn <ARN of your PRIVATE resource>

Example for a private resource with 3 versions:

aws cloudformation deregister-type  --arn arn:aws:cloudformation:us-east-1:358363220050:type/resource/MongoDB-Atlas-Teams/00000003

aws cloudformation deregister-type  --arn arn:aws:cloudformation:us-east-1:358363220050:type/resource/MongoDB-Atlas-Teams/00000002

aws cloudformation deregister-type  --arn arn:aws:cloudformation:us-east-1:358363220050:type/resource/MongoDB-Atlas-Teams/00000001
aws cloudformation deregister-type  --type-name "MongoDB::Atlas::Project" --type RESOURCE

Let me know if you need more help. Thanks!

dahiyahimanshu commented 1 year ago

Deregistered all private types and activated the public types.

After that, cdk deploy gives me the error below.

andreaangiolillo commented 1 year ago

I am glad we made progress 😄. This is a problem with the permission associated with your Atlas API keys stored in the Secret Manager profile. Make sure to associate your Atlas API keys with the correct organization role (user-roles).

dahiyahimanshu commented 1 year ago

Thank you.

I increased the permission level to include all "Organization Project Creator, Organization Read Only, Organization Owner, Organization Billing Admin, Organization Member". Still the same error. Please help.

andreaangiolillo commented 1 year ago

Hello 👋 Could you make sure that your secret manager profile has the public key xtdspvlf? Feel free to share your secret manager profile without sharing the private key if you want. Also, check that the organizationId provided in the CDK is the correct one. Another suggestion: you only need to add the more permissive role to your key, in your case ORGANIZATION_OWNER; there is no need to add all of them.

Thanks

dahiyahimanshu commented 1 year ago

Thank you for the support. Please find the secret snapshot.

I am using the command below for cdk deploy.

cdk deploy --context orgId=63fe62ba55b8e2715c2985c8

It looks like the correct one.

andreaangiolillo commented 1 year ago

Hello 👋 ,

In the CDK code that you shared, you have

const profile = this.node.tryGetContext('profile') ?? 'hdahiya2'

This means you are using the profile hdahiya2 if the profile is not provided in the CDK context. Could you make sure that cfn/atlas/profile/hdahiya2 is using the same key?

Thanks

dahiyahimanshu commented 1 year ago

Ah sorry, I changed it back to

const profile = this.node.tryGetContext('profile') ?? 'default';

Still the same issue.

andreaangiolillo commented 1 year ago

Could you make sure that you are using the latest version of @mongodbatlas-awscdk/project and @mongodbatlas-awscdk/cluster?

Thanks

dahiyahimanshu commented 1 year ago

hdahiya@IN-HDAHIYA-T14:~/mongo3$ npm ls
mongo3@0.1.0 /home/hdahiya/mongo3
├── @mongodbatlas-awscdk/cluster@1.0.2
├── @mongodbatlas-awscdk/project@1.1.0

Basically, I ran the commands below for installation:

npm install @mongodbatlas-awscdk/cluster
npm install @mongodbatlas-awscdk/project

How can I know the latest versions available, please?

andreaangiolillo commented 1 year ago

You can run

npm install @mongodbatlas-awscdk/project@latest
npm install @mongodbatlas-awscdk/cluster@latest

dahiyahimanshu commented 1 year ago

hdahiya@IN-HDAHIYA-T14:~/mongo3$ npm ls
mongo3@0.1.0 /home/hdahiya/mongo3
├── @mongodbatlas-awscdk/cluster@1.1.4
├── @mongodbatlas-awscdk/project@1.1.0
├── @types/jest@29.5.0
├── @types/node@18.14.6
├── aws-cdk-lib@2.73.0
├── aws-cdk@2.73.0
├── constructs@10.1.310
├── jest@29.5.0
├── source-map-support@0.5.21
├── ts-jest@29.1.0
├── ts-node@10.9.1
└── typescript@4.9.5

Still the same issue after updating to latest. By the way, mongodbatlas-awscdk/project has not changed.

andreaangiolillo commented 1 year ago

Hello 👋 I will try to reproduce the issue. I will add an update asap.

Thanks

andreaangiolillo commented 1 year ago

Hello 👋 ,

Thank you for your patience. I was able to reproduce the issue. I have released a new version of MongoDB::Atlas::Project with the fix for the issue, which is v1.3.0, and it's available in the eu-west-1 region. Make sure to activate this version in your AWS account.

Please, let me know if this new version v1.3.0 resolves your issue.

Thank you!

dahiyahimanshu commented 1 year ago

Thank you, let me test. Will come back.

dahiyahimanshu commented 1 year ago

[██████████████▌···········································] (1/4)

10:11:27 AM | CREATE_FAILED        | MongoDB::Atlas::Project | ProjectResource
Resource handler returned message: "Error creating mongoDB client : PublicKey and PrivateKey cannot be empty" (RequestToken: 99f1807b-e672-cd17-8452-f79c425b355c, HandlerErrorCode: InvalidRequest)
10:11:28 AM | ROLLBACK_IN_PROGRESS | AWS::CloudFormation::Stack | Mongo3Stack
The following resource(s) failed to create: [ProjectResource, CDKMetadata]. Rollback requested by user.
10:11:28 AM | ROLLBACK_IN_PROGRESS | AWS::CloudFormation::Stack | Mongo3Stack
The following resource(s) failed to create: [ProjectResource, CDKMetadata]. Rollback requested by user.

Hi andreaangiolillo,

I am getting a strange error with cdk deploy after activating the latest mongodb::atlas resources.

andreaangiolillo commented 1 year ago

Hello, Could you share the output of cdk synth? Thanks!

dahiyahimanshu commented 1 year ago

hdahiya@IN-HDAHIYA-T14:~/mongo3$ cdk synth --context orgId=640dba22c5b1cc609ab132d0
Resources:
  ProjectResource:
    Type: MongoDB::Atlas::Project
    Properties:
      Name: test-project-2
      OrgId: 640dba22c5b1cc609ab132d0
      Profile: mycom-default
    Metadata:
      aws:cdk:path: Mongo3Stack/ProjectResource
  ClusterResource:
    Type: MongoDB::Atlas::Cluster
    Properties:
      BackupEnabled: true
      ClusterType: REPLICASET
      Profile: mycom-default
      ProjectId:
        Fn::GetAtt:
          - ProjectResource
          - Id
      Name: test-cluster
      PitEnabled: false
      ReplicationSpecs:
        - NumShards: 1
          AdvancedRegionConfigs:
            - AutoScaling:
                DiskGB:
                  Enabled: true
                Compute:
                  Enabled: false
                  ScaleDownEnabled: false
              RegionName: EU_WEST_1
              AnalyticsSpecs:
                EbsVolumeType: STANDARD
                InstanceSize: M10
                NodeCount: 3
              ElectableSpecs:
                EbsVolumeType: STANDARD
                InstanceSize: M10
                NodeCount: 3
              Priority: 7
              ReadOnlySpecs:
                EbsVolumeType: STANDARD
                InstanceSize: M10
                NodeCount: 3
    Metadata:
      aws:cdk:path: Mongo3Stack/ClusterResource
  CDKMetadata:
    Type: AWS::CDK::Metadata
    Properties:
      Analytics: v2:deflate64:H4sIAAAAAAAA/zPSMzfWM1BMLC/WTU7J1s3JTNKrDi5JTM7WcU7LC0otzi8tSk4FsZ3z81IySzLz82p18vJTUvWyivXLDC30DI30DBWzijMzdYtK80oyc1P1giA0AAMc5gdZAAAA
    Metadata:
      aws:cdk:path: Mongo3Stack/CDKMetadata/Default
    Condition: CDKMetadataAvailable
Conditions:
  CDKMetadataAvailable:
    Fn::Or:
      - Fn::Or:
          - Fn::Equals:
              - Ref: AWS::Region
              - af-south-1
          - Fn::Equals:
              - Ref: AWS::Region
              - ap-east-1
          - Fn::Equals:
              - Ref: AWS::Region
              - ap-northeast-1
          - Fn::Equals:
              - Ref: AWS::Region
              - ap-northeast-2
          - Fn::Equals:
              - Ref: AWS::Region
              - ap-south-1
          - Fn::Equals:
              - Ref: AWS::Region
              - ap-southeast-1
          - Fn::Equals:
              - Ref: AWS::Region
              - ap-southeast-2
          - Fn::Equals:
              - Ref: AWS::Region
              - ca-central-1
          - Fn::Equals:
              - Ref: AWS::Region
              - cn-north-1
          - Fn::Equals:
              - Ref: AWS::Region
              - cn-northwest-1
      - Fn::Or:
          - Fn::Equals:
              - Ref: AWS::Region
              - eu-central-1
          - Fn::Equals:
              - Ref: AWS::Region
              - eu-north-1
          - Fn::Equals:
              - Ref: AWS::Region
              - eu-south-1
          - Fn::Equals:
              - Ref: AWS::Region
              - eu-west-1
          - Fn::Equals:
              - Ref: AWS::Region
              - eu-west-2
          - Fn::Equals:
              - Ref: AWS::Region
              - eu-west-3
          - Fn::Equals:
              - Ref: AWS::Region
              - me-south-1
          - Fn::Equals:
              - Ref: AWS::Region
              - sa-east-1
          - Fn::Equals:
              - Ref: AWS::Region
              - us-east-1
          - Fn::Equals:
              - Ref: AWS::Region
              - us-east-2
      - Fn::Or:
          - Fn::Equals:
              - Ref: AWS::Region
              - us-west-1
          - Fn::Equals:
              - Ref: AWS::Region
              - us-west-2
Parameters:
  BootstrapVersion:
    Type: AWS::SSM::Parameter::Value<String>
    Default: /cdk-bootstrap/hnb659fds/version
    Description: Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]
Rules:
  CheckBootstrapVersion:
    Assertions:
      - Assert:
          Fn::Not:
            - Fn::Contains:
                - - "1"
                  - "2"
                  - "3"
                  - "4"
                  - "5"
                - Ref: BootstrapVersion
        AssertDescription: CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.

FYI, using another secret key cfn/atlas/profile/mycom-default (my org generated mongo api keys)

andreaangiolillo commented 1 year ago

Hi @dahiyahimanshu, I am not able to reproduce your issue. The error suggests that your profile in secret manager does not have public and private API keys. Make sure to check that your profile is set correctly in EU_WEST_1. Thanks

dahiyahimanshu commented 1 year ago

As the ARN contains eu-west-1, the profile seems to be created in eu-west-1. Do you think we can manage a quick Zoom call to demo the problem to you first hand, please? I can share the invite to your email.

Just to let you know, this was not the error before your recent fix. Previously I was getting 401.

Thanks & regards, Himanshu Dahiya

andreaangiolillo commented 1 year ago

Hi @dahiyahimanshu,

The profile that you shared is not correctly set. Please make sure that when you click on the PlainText option, your profile has this JSON format:

{"PublicKey":"PublicKey", "PrivateKey":"PrivateKey-1"}

Your profile should show the keys as in my attachment: Screenshot 2023-04-17 at 11 52 41

You can use this template profile-secret.yaml to create your profile.

Thanks!
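
The secret layout described in this comment, together with the Profile values from the cdk synth output earlier in the thread, can be checked before deploying. The following is an added example, not part of the original thread or the repository's code; the function names and the sample secret values are constructed, and fetching the secret strings from Secrets Manager is left to the caller.

```typescript
// Added example (not code from this repository): before `cdk deploy`, check that
// every Profile used by a MongoDB::Atlas::* resource has a well-formed secret.
const SECRET_PREFIX = "cfn/atlas/profile/"; // secret naming quoted in the thread
const REQUIRED_KEYS = ["PublicKey", "PrivateKey"]; // JSON shape quoted in the thread
type Resources = { [id: string]: { Type: string; Properties?: { [key: string]: unknown } } };

// Distinct Profile values referenced by Atlas resources in a synthesized template.
function referencedProfiles(resources: Resources): string[] {
  const profiles: string[] = [];
  for (const id of Object.keys(resources)) {
    const res = resources[id];
    if (res.Type.indexOf("MongoDB::Atlas::") !== 0) continue;
    const profile = res.Properties ? res.Properties["Profile"] : undefined;
    if (typeof profile === "string" && profiles.indexOf(profile) === -1) profiles.push(profile);
  }
  return profiles.sort();
}

// Problems with one SecretString. Reports key names only, never key values.
function secretProblems(secretString: string | undefined): string[] {
  if (secretString === undefined) return ["secret not found"];
  let parsed: unknown;
  try {
    parsed = JSON.parse(secretString);
  } catch {
    return ["SecretString is not valid JSON"];
  }
  if (typeof parsed !== "object" || parsed === null || Array.isArray(parsed)) {
    return ["SecretString is not a JSON object"];
  }
  const obj = parsed as { [key: string]: unknown };
  const problems: string[] = [];
  for (const key of REQUIRED_KEYS) {
    const value = obj[key];
    if (typeof value !== "string" || value.trim() === "") problems.push(key + " is missing or empty");
  }
  if (problems.length > 0) problems.push("keys present: " + Object.keys(obj).sort().join(", "));
  return problems;
}

// Map each referenced profile to its problems; an empty list means it is usable.
function preflight(resources: Resources, secrets: { [name: string]: string }): { [profile: string]: string[] } {
  const report: { [profile: string]: string[] } = {};
  for (const profile of referencedProfiles(resources)) {
    report[profile] = secretProblems(secrets[SECRET_PREFIX + profile]);
  }
  return report;
}

// Constructed sample input: resources shaped like the `cdk synth` output in the
// thread, and secret strings with placeholder values (not real keys).
const sampleResources: Resources = {
  ProjectResource: { Type: "MongoDB::Atlas::Project", Properties: { Profile: "mycom-default" } },
  ClusterResource: { Type: "MongoDB::Atlas::Cluster", Properties: { Profile: "mycom-default" } },
  CDKMetadata: { Type: "AWS::CDK::Metadata" },
};
const badSecrets = { "cfn/atlas/profile/mycom-default": '{"public":"EXAMPLEPUB","private":"EXAMPLEPRIV"}' };
const goodSecrets = { "cfn/atlas/profile/mycom-default": '{"PublicKey":"EXAMPLEPUB","PrivateKey":"EXAMPLEPRIV"}' };

console.log(preflight(sampleResources, badSecrets));
console.log(preflight(sampleResources, goodSecrets));
```

The report lists only the key names found in a malformed secret, so it can be pasted into an issue without exposing the API keys themselves.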

dahiyahimanshu commented 1 year ago

Thank you andreaangiolillo. The problem was with my key structure. After correction it deployed successfully.

Can you please also point out how I can fetch the mongodb url of this stack and perform simple tests?

andreaangiolillo commented 1 year ago

Hello 👋 ,

You can access the connectionString of the cluster in your CDK code as follows:

clusterRes.connectionStrings.standard
clusterRes.connectionStrings.standardSrv

Make sure to use @mongodbatlas-awscdk/cluster@1.1.4.

Thanks

dahiyahimanshu commented 1 year ago

Hi andreaangiolillo, Thank you for the input. I am able to cfn output those variables

new CfnOutput(this, 'stdConnectionUrl', {
  value: clusterRes.connectionStrings.standard as string
})

new CfnOutput(this, 'stdSrvConnectionUrl', {
  value: clusterRes.connectionStrings.standardSrv as string
})

Still the connection times out (I have tried from local as well as from an ec2 instance with no success)

mongosh "mongodb+srv://test-cluster.tnlcl.mongodb.net" --apiVersion 1 --username atlas-user
Enter password: *********
Current Mongosh Log ID: 643e1cee5fea493589d29afb
Connecting to:          mongodb+srv://<credentials>@test-cluster.tnlcl.mongodb.net/?appName=mongosh+1.8.0
MongoServerSelectionError: Server selection timed out after 30000 ms

Can you please help here?

Also, I see another related cdk repository https://github.com/mongodb/awscdk-resources-mongodbatlas. I wonder which one to use. I see some modules are deprecated in this repository. Should I switch to the new repository?

andreaangiolillo commented 1 year ago

Hello 👋

> still the connection timeout (i have tried from local and as well as from ec2 instance with no success)

By default, a new atlas cluster is not accessible by the public internet. You need to add the IP address of the machine that you want to use to access the cluster to the Atlas Access List. You can add your IP to the access list with CDK by using @mongodbatlas-awscdk/project-ip-access-list or awscdk-resources-mongodbatlas.

> also, I see another related cdk repository https://github.com/mongodb/awscdk-resources-mongodbatlas. I wonder which one to use.

Going forward, we will add new features and bug fixes only to awscdk-resources-mongodbatlas. This package contains all the MongoDB Atlas constructors that allow you to manage MongoDB Atlas resources with AWS CDK.

dahiyahimanshu commented 1 year ago

For testing connection and proving IP access list, i started with AtlasBasic construct.


from aws_cdk import (
    Stack, CfnOutput
)
from constructs import Construct

from awscdk_resources_mongodbatlas import (AdvancedRegionConfig, AdvancedReplicationSpec,
                                           Specs, AccessListDefinition, IpAccessListProps,
                                           ProjectProps, ClusterProps, AtlasBasic, PrivateEndpoint,
                                           AtlasBasicPrivateEndpoint, AtlasBasicProps, PrivateEndpointProps)

class MongodbStack(Stack):

    def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
        super().__init__(scope, construct_id, **kwargs)

        org_id_var = self.node.try_get_context('org_id')
        region_var = self.node.try_get_context('region')
        profile_name_var = self.node.try_get_context('profile')
        ip_addr_var = self.node.try_get_context('ip_addr')
        ip_comment_var = self.node.try_get_context('ip_comment')
        # vpc_id = self.node.try_get_context('vpc_id')
        # subnets = self.node.try_get_context('subnets')

        region_configs_var = [
            AdvancedRegionConfig(analytics_specs=Specs(node_count=1, instance_size="M10", ebs_volume_type="STANDARD"),
                                 electable_specs=Specs(node_count=3, instance_size="M10", ebs_volume_type="STANDARD"),
                                 priority=7,
                                 region_name=region_var)]
        replication_specs_var = [AdvancedReplicationSpec(advanced_region_configs=region_configs_var, num_shards=1)]

        access_list_defs_var = [AccessListDefinition(ip_address=ip_addr_var, comment=ip_comment_var)]

        atlas_basic_l3 = AtlasBasic(self, "AtlasBasic-py-l3",
                                    cluster_props=ClusterProps(replication_specs=replication_specs_var),
                                    project_props=ProjectProps(org_id=org_id_var),
                                    ip_access_list_props=IpAccessListProps(access_list=access_list_defs_var),
                                    profile=profile_name_var)
        print(atlas_basic_l3.m_cluster.props)
        CfnOutput(self,
                  f"stdUrl",
                  description=f"URL of mongoDb url",
                  value=atlas_basic_l3.m_cluster.props.connection_strings.standard)
        CfnOutput(self,
                  f"stdSrvUrl",
                  description=f"Srv URL of mongoDb url",
                  value=atlas_basic_l3.m_cluster.props.connection_strings.standard_srv)

I followed the new repo, and I am not able to CfnOutput the connection parameters. Getting the problem below. Please help.

(.venv) hdahiya@IN-HDAHIYA-T14:~/mongodb4$ cdk deploy --context org_id=640dba22c5b1cc609ab132d0 --context region=EU_WEST_1 --context profile=mycom-default --context ip_addr='103.65.30.238'
CfnClusterProps(name='atlas-cluster-9883149', project_id='${Token[TOKEN.651]}', cluster_type='REPLICASET', profile='mycom-default', replication_specs=[AdvancedReplicationSpec(advanced_region_configs=[AdvancedRegionConfig(analytics_specs=Specs(ebs_volume_type='STANDARD', instance_size='M10', node_count=1), electable_specs=Specs(ebs_volume_type='STANDARD', instance_size='M10', node_count=3), priority=7, region_name='EU_WEST_1')], num_shards=1)])
Traceback (most recent call last):
  File "/home/hdahiya/mongodb4/app.py", line 10, in <module>
    MongodbStack(app, "MongodbStack",
  File "/home/hdahiya/mongodb4/.venv/lib/python3.10/site-packages/jsii/_runtime.py", line 112, in __call__
    inst = super().__call__(*args, **kwargs)
  File "/home/hdahiya/mongodb4/mongodb/mongodb_stack.py", line 43, in __init__
    value=atlas_basic_l3.m_cluster.props.connection_strings.standard)
AttributeError: 'NoneType' object has no attribute 'standard'

Subprocess exited with error 1

andreaangiolillo commented 1 year ago

Hi 👋

Since the original issue was fixed, can I ask you to close this issue and open a new one at https://github.com/mongodb/awscdk-resources-mongodbatlas?

Thanks