Closed JnMik closed 4 years ago
Ah just realized i'm not the only one that found the version typo https://github.com/mongodb/vault-plugin-secrets-mongodbatlas/pull/18
I'll keep my thread open for the "Supposed to be packaged with vault" issue.
@JnMik apologizes for the delay as we have been working on getting this completed/
In regard to the version we'll get that updated once finalized. The README is written to be forward looking. We are working with HashiCorp for a review of the code and so once verified the statements will become valid. That is why at the top of the README we have the disclaimer:
IMPORTANT: This plugin is currently under development. Feel free to test it out following the instructions under the Developing section below, however consider this beta until it is verified by HashiCorp. Once verified and released versions will be documented in a CHANGELOG
Once the review is completed we'll update the information on how to use this plugin until it's included in the next version of Vault.
Any ETA on that? MLab is pushing to migrate off to atlas however the ops experience when it comes to atlas <-> vault integration is terrible. This is causing us major headache right now.
@heprotecbuthealsoattac The plugin is not packaged with vault, however you can manually install it if your application is resilient to autoretry conection when it fails to authenticate. Because it will happen (See my other issue).
In my case I couldn't have that so The simpliest way I found is manage atlas user through terraform (with the mongodbatlas provider user resource) and forward the generated users credentials to vault (still with terraform, with the vault provider) in a "secret kv put" equivalent resource.
It's a working idea, see if it could work for you :) Credentials lease renewal will have to be scripted manually.
Cheers
I'll close the issue since mongo's people seems aware of the innacurate readme and will fix it later.
Hello guys !
Here's what the readme says
If you are using Vault 11.0.1 or above, both plugins are packaged with Vault. The MongoDB Atlas Secrets Engine can be enabled by running: Vault secrets enable mongodbatlas
Vault latest version is 1.2.3, so it's kinda far behind 11.0.1 Maybe you meant 0.11.1 ?
Also, I currently have a running version of Vault 1.2.3 and don't see any mongo-db-atlas plugin in the result of
$ vault plugin list
command.Trying to enable the secrets anyway give me this error
I will try to package it and install it manually, but i'm not sure why it says that it's supposed to be packaged with vault ?
Also, both of these quicklinks (in the README) leads to 404 pages
Thanks for clarifying things out !