mongodb / terraform-provider-mongodbatlas

Terraform MongoDB Atlas Provider: Deploy, update, and manage MongoDB Atlas infrastructure as code through HashiCorp Terraform
https://registry.terraform.io/providers/mongodb/mongodbatlas
Mozilla Public License 2.0

[Bug]: Can't setup privatelink_endpoint_service_data_federation_online_archive region or VPC Endpoint DNS Name for AWS #1878

Closed hincera closed 8 months ago

hincera commented 9 months ago

Is there an existing issue for this?

Provider Version

v1.14.0

Terraform Version

v1.5.1

Terraform Edition

Terraform Open Source (OSS)

Current Behavior

It creates the online archive endpoint without region and DNS settings.

Terraform configuration to reproduce the issue

resource "mongodbatlas_privatelink_endpoint_service_data_federation_online_archive" "onlinearchive" {
  project_id    = "<PROJECT ID>"
  endpoint_id   = "<endpoint id>"
  provider_name = "AWS"
  comment       = "Access to online archive"
}

Steps To Reproduce

  1. Run and apply
  2. Review changes at mongo panel

Logs

No response

Code of Conduct

github-actions[bot] commented 9 months ago

Thanks for opening this issue! Please make sure you've followed our guidelines when opening the issue. In short, to help us reproduce the issue we need:

The ticket CLOUDP-226360 was created for internal tracking.

mbig commented 9 months ago

Terraform v1.5.7 on darwin_amd64

From the example in https://github.com/mongodb/terraform-provider-mongodbatlas/blob/master/examples/mongodbatlas_privatelink_endpoint/aws/data-federation-online-archive/atlas-privatelink.tf

resource "mongodbatlas_privatelink_endpoint" "pe_east" {
  project_id    = var.project_id
  provider_name = "AWS"
  region        = "us-east-1"
}

This piece of code creates a private link for dedicated clusters, which is unnecessary in this case.

https://github.com/mongodb/terraform-provider-mongodbatlas/blob/master/examples/mongodbatlas_privatelink_endpoint/aws/data-federation-online-archive/aws-vpc.tf

resource "aws_vpc_endpoint" "vpce_east" {
  vpc_id             = aws_vpc.vpc_east.id
  service_name       = mongodbatlas_privatelink_endpoint.pe_east.endpoint_service_name
  vpc_endpoint_type  = "Interface"
  subnet_ids         = [aws_subnet.subnet_east_a.id, aws_subnet.subnet_east_b.id]
  security_group_ids = [aws_security_group.sg_east.id]
}

This creates an AWS VPC endpoint with the service name of a private link for dedicated clusters, which is wrong; it should be a private link for federated clusters.

resource "mongodbatlas_privatelink_endpoint_service_data_federation_online_archive" "test" {
  project_id    = var.project_id
  endpoint_id   = aws_vpc_endpoint.vpce_east.id
  provider_name = "AWS"
  comment       = "Terraform Acceptance Test"
}

This creates a definition of a private link for federated clusters but it's not configured.

github-actions[bot] commented 9 months ago

This issue has gone 7 days without any activity and meets the project’s definition of "stale". This will be auto-closed if there is no new activity over the next 7 days. If the issue is still relevant and active, you can simply comment with a "bump" to keep it open, or add the label "not_stale". Thanks for keeping our repository healthy!

hincera commented 9 months ago

bump

mbig commented 9 months ago

bump

github-actions[bot] commented 9 months ago

This issue has gone 7 days without any activity and meets the project’s definition of "stale". This will be auto-closed if there is no new activity over the next 7 days. If the issue is still relevant and active, you can simply comment with a "bump" to keep it open, or add the label "not_stale". Thanks for keeping our repository healthy!

hincera commented 9 months ago

bump

maastha commented 9 months ago

@hincera Thanks for creating this issue. Is it possible to share additional details/configuration for the <endpoint-id> in your example as well, so we may reproduce this in line with our "one-click reproducible issues" principle?

@mbig Thanks for highlighting the issues with the example, we will review this internally. Please provide additional details/configurations for us to easily reproduce this issue as per our guidelines.

hincera commented 8 months ago

> @hincera Thanks for creating this issue, is it possible to share additional details/configuration for the <endpoint-id> in your example as well so we may reproduce this in line with our "one-click reproducible issues" principle
>
> @mbig Thanks for highlighting the issues with the example, we will review this internally. Please provide additional details/configurations for us to easily reproduce this issue as per our guidelines.

Hi @maastha the endpoint id is generated by aws when creating a privatelink endpoint. This id is private at our infra and we can't share it.

You can test this issue by creating a private endpoint at any aws account owned by you and just with this code:

resource "mongodbatlas_privatelink_endpoint_service_data_federation_online_archive" "onlinearchive" {
  project_id    = "<PROJECT ID>"
  endpoint_id   = "<endpoint id>"
  provider_name = "AWS"
  comment       = "Access to online archive"
}

endpoint id - Provided by AWS once privatelink is created
PROJECT ID - The Mongo Atlas Project ID

Zuhairahmed commented 8 months ago

Hi @hincera @mbig, confirming this issue is because our Terraform Atlas Provider is lacking a few recently added Atlas Admin parameters, region and customerEndpointDNSName. Internal ticket for tracking purposes: CLOUDP-229354, to get this resolved. ETA is 1-2 months.

Zuhairahmed commented 8 months ago

Also, since this is an improvement in the Terraform Atlas Provider, and not a bug per se, that is already on our near-term roadmap, I'm going to close this issue here. Feel free to highlight a feature request or upvote an existing item on the UserVoice portal: https://feedback.mongodb.com/forums/924145-atlas?category_id=370723

You should see this included as part of near term v1.15.2 Terraform Provider release if helpful: https://registry.terraform.io/providers/mongodb/mongodbatlas/latest

EspenAlbert commented 8 months ago

@hincera this has now been released in v.1.15.2 🎉 thank you for this issue

hincera commented 7 months ago

Works now! Thanks
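
The configuration the thread converges on, as an added example that is not code from the thread or from the provider repository: the VPC endpoint points at the Data Federation / Online Archive PrivateLink service rather than a dedicated-cluster one, and the Atlas resource receives the region and the endpoint DNS name. Assumptions: the Terraform attribute names `region` and `customer_endpoint_dns_name` (for the Atlas Admin parameters region and customerEndpointDNSName named above), and every variable, which is a placeholder to be supplied by the operator.

```hcl
terraform {
  required_providers {
    mongodbatlas = {
      source  = "mongodb/mongodbatlas"
      version = ">= 1.15.2" # release the thread reports as carrying the fix
    }
  }
}

# Placeholders (hypothetical variable names, not from the thread).
variable "project_id" { type = string }
variable "vpc_id" { type = string }
variable "subnet_ids" { type = list(string) }
variable "security_group_ids" { type = list(string) }

# PrivateLink service name for Atlas Data Federation / Online Archive in the
# target region. This is NOT the endpoint_service_name of a dedicated-cluster
# mongodbatlas_privatelink_endpoint, which is the mismatch mbig points out.
variable "data_federation_service_name" { type = string }

# Region label in the form the Atlas Admin API expects (placeholder).
variable "atlas_region" { type = string }

resource "aws_vpc_endpoint" "vpce_east" {
  vpc_id             = var.vpc_id
  service_name       = var.data_federation_service_name
  vpc_endpoint_type  = "Interface"
  subnet_ids         = var.subnet_ids
  security_group_ids = var.security_group_ids
}

resource "mongodbatlas_privatelink_endpoint_service_data_federation_online_archive" "onlinearchive" {
  project_id    = var.project_id
  endpoint_id   = aws_vpc_endpoint.vpce_east.id
  provider_name = "AWS"
  comment       = "Access to online archive"

  # Assumed attribute names; without these two values the endpoint is
  # registered in Atlas with no region or DNS name, as in the original report.
  region                     = var.atlas_region
  customer_endpoint_dns_name = aws_vpc_endpoint.vpce_east.dns_entry[0].dns_name
}
```

After `terraform apply`, `terraform state show` on the Atlas resource should list both values; an empty region or DNS name there indicates a provider older than the constraint or the dedicated-cluster service name still in use.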