From 4eacc0b46e82acf2041f9cc802cbc104f395a29a Mon Sep 17 00:00:00 2001 
From: Leo Antoli <430982+lantoli@users.noreply.github.com> Date: Thu, 6 Nov 2025 04:42:40 +0100 Subject: [PATCH] remove data lake references --- cfn-resources/README.md | 1 - cfn-resources/database-user/docs/README.md | 6 +- .../mongodb-atlas-databaseuser.json | 2 +- .../cmd/resource/config.go | 0 .../docs/README.md | 4 +- .../docs/cloudproviderconfig.md | 4 +- .../docs/collection.md | 2 +- .../docs/database.md | 2 +- .../docs/dataprocessregion.md | 6 +- .../docs/datasource.md | 2 +- .../docs/readpreference.md | 2 +- .../docs/storage.md | 4 +- .../federated-database-instance/docs/store.md | 4 +- ...ngodb-atlas-federateddatabaseinstance.json | 36 +-- .../resource-role.yaml | 7 + .../data-federation.basic.cfn.template.json | 2 +- .../test/data-federation.cfn.template.json | 2 +- .../private-endpoint-adl/.rpdk-config | 17 -- cfn-resources/private-endpoint-adl/Makefile | 19 -- cfn-resources/private-endpoint-adl/README.md | 17 -- .../private-endpoint-adl/cmd/main.go | 85 ------- .../cmd/resource/model.go | 13 -- .../cmd/resource/resource.go | 210 ------------------ .../private-endpoint-adl/docs/README.md | 101 --------- .../mongodb-atlas-privateendpointadl.json | 74 ------ .../private-endpoint-adl/resource-role.yaml | 38 ---- .../private-endpoint-adl/template.yml | 29 --- .../private-endpoint-adl/test/README.md | 75 ------- .../test/cfn-test-create-inputs.sh | 104 --------- .../test/cfn-test-delete-inputs.sh | 72 ------ .../test/inputs_1_create.template.json | 8 - .../docs/README.md | 2 +- ...intservicedatafederationonlinearchive.json | 2 +- ...vate-mongodb-atlas-resources.template.yaml | 30 +-- .../private-endpoint-adl/endpoint-adl.json | 37 --- 35 files changed, 51 insertions(+), 968 deletions(-) rename cfn-resources/{private-endpoint-adl => federated-database-instance}/cmd/resource/config.go (100%) delete mode 100644 cfn-resources/private-endpoint-adl/.rpdk-config delete mode 100644 cfn-resources/private-endpoint-adl/Makefile delete mode 100644 
cfn-resources/private-endpoint-adl/README.md delete mode 100644 cfn-resources/private-endpoint-adl/cmd/main.go delete mode 100644 cfn-resources/private-endpoint-adl/cmd/resource/model.go delete mode 100644 cfn-resources/private-endpoint-adl/cmd/resource/resource.go delete mode 100644 cfn-resources/private-endpoint-adl/docs/README.md delete mode 100644 cfn-resources/private-endpoint-adl/mongodb-atlas-privateendpointadl.json delete mode 100644 cfn-resources/private-endpoint-adl/resource-role.yaml delete mode 100644 cfn-resources/private-endpoint-adl/template.yml delete mode 100644 cfn-resources/private-endpoint-adl/test/README.md delete mode 100755 cfn-resources/private-endpoint-adl/test/cfn-test-create-inputs.sh delete mode 100755 cfn-resources/private-endpoint-adl/test/cfn-test-delete-inputs.sh delete mode 100644 cfn-resources/private-endpoint-adl/test/inputs_1_create.template.json delete mode 100644 examples/private-endpoint-adl/endpoint-adl.json diff --git a/cfn-resources/README.md b/cfn-resources/README.md index 098c4dbd0..67a1dfa11 100644 --- a/cfn-resources/README.md +++ b/cfn-resources/README.md 
@@ -32,7 +32,6 @@ Note these are also hosted on AWS CloudFormation Public Registry under Third Par | online-archive | ![Build](https://img.shields.io/badge/GA-green) | [example](../examples/online-archive/online-archive.json) | [./online-archive/test](./online-archive/test) | | org-invitation | ![Build](https://img.shields.io/badge/GA-green) | [example](../examples/org-invitation/org-invitation.json) | [./org-invitation/test](./org-invitation/test) | | private-endpoint | ![Build](https://img.shields.io/badge/Deprecated-red) | [example](../examples/private-endpoint/privateEndpoint.json) | [./private-endpoint/test](./private-endpoint/test) | -| private-endpoint-adl | ![Build](https://img.shields.io/badge/GA-green) | [example](../examples/private-endpoint-adl/endpoint-adl.json) | [./private-endpoint-adl/test](./private-endpoint-adl/test) | | private-endpoint-regional-mode | ![Build](https://img.shields.io/badge/GA-green) | [example](../examples/private-endpoint-regional-mode/privateEndpointRegionalMode.json) | [./private-endpoint-regional-mode/test](./private-endpoint-regional-mode/test) | | project | ![Build](https://img.shields.io/badge/GA-green) | [example](../examples/project/project.json) | [./project/test](./project/test) | | project-invitation | ![Build](https://img.shields.io/badge/GA-green) | [example](../examples/project-invitation/project-invitation.json) | [./project-invitation/test](./project-invitation/test) | diff --git a/cfn-resources/database-user/docs/README.md b/cfn-resources/database-user/docs/README.md index b6b44da41..bcea86e6f 100644 --- a/cfn-resources/database-user/docs/README.md +++ b/cfn-resources/database-user/docs/README.md 
@@ -162,7 +162,7 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### Scopes -List that contains clusters and MongoDB Atlas Data Lakes that this database user can access. If omitted, MongoDB Cloud grants the database user access to all the clusters and MongoDB Atlas Data Lakes in the project. +List that contains clusters and MongoDB Atlas Data Federation that this database user can access. If omitted, MongoDB Cloud grants the database user access to all the clusters and MongoDB Atlas Data Federation in the project. _Required_: No @@ -172,8 +172,8 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### Username -Human-readable label that represents the user that authenticates to MongoDB. The format of this label depends on the method of authentication. This will be USER_ARN or ROLE_ARN if AWSIAMType is USER or ROLE. Refer https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-createdatabaseuser - +Human-readable label that represents the user that authenticates to MongoDB. The format of this label depends on the method of authentication. This will be USER_ARN or ROLE_ARN if AWSIAMType is USER or ROLE. Refer https://www.mongodb.com/docs/atlas/reference/api-resources-spec/#tag/Database-Users/operation/createDatabaseUser for details. + _Required_: Yes _Type_: String diff --git a/cfn-resources/database-user/mongodb-atlas-databaseuser.json b/cfn-resources/database-user/mongodb-atlas-databaseuser.json index c3b4acba3..5b58a2bff 100644 --- a/cfn-resources/database-user/mongodb-atlas-databaseuser.json +++ b/cfn-resources/database-user/mongodb-atlas-databaseuser.json 
@@ -138,7 +138,7 @@ "uniqueItems": true }, "Scopes": { - "description": "List that contains clusters and MongoDB Atlas Data Lakes that this database user can access. If omitted, MongoDB Cloud grants the database user access to all the clusters and MongoDB Atlas Data Lakes in the project.", + "description": "List that contains clusters and MongoDB Atlas Data Federation that this database user can access. If omitted, MongoDB Cloud grants the database user access to all the clusters and MongoDB Atlas Data Federation in the project.", "items": { "$ref": "#/definitions/scopeDefinition" }, diff --git a/cfn-resources/private-endpoint-adl/cmd/resource/config.go b/cfn-resources/federated-database-instance/cmd/resource/config.go similarity index 100% rename from cfn-resources/private-endpoint-adl/cmd/resource/config.go rename to cfn-resources/federated-database-instance/cmd/resource/config.go diff --git a/cfn-resources/federated-database-instance/docs/README.md b/cfn-resources/federated-database-instance/docs/README.md index 208776e9e..683b20a6c 100644 --- a/cfn-resources/federated-database-instance/docs/README.md +++ b/cfn-resources/federated-database-instance/docs/README.md @@ -41,7 +41,7 @@ Properties: #### CloudProviderConfig -Cloud provider linked to this data lake.. +Cloud provider linked to this Atlas Data Federation. _Required_: No @@ -51,7 +51,7 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### DataProcessRegion -Information about the cloud provider region to which the data lake routes client connections. MongoDB Cloud supports AWS only. +Information about the cloud provider region to which the Atlas Data Federation routes client connections. MongoDB Cloud supports AWS only. _Required_: No diff --git a/cfn-resources/federated-database-instance/docs/cloudproviderconfig.md b/cfn-resources/federated-database-instance/docs/cloudproviderconfig.md index 5d2b992d1..8ba6c039e 100644 
--- a/cfn-resources/federated-database-instance/docs/cloudproviderconfig.md +++ b/cfn-resources/federated-database-instance/docs/cloudproviderconfig.md @@ -1,6 +1,6 @@ # MongoDB::Atlas::FederatedDatabaseInstance CloudProviderConfig -Cloud provider linked to this data lake.. +Cloud provider linked to this Atlas Data Federation. ## Syntax @@ -26,7 +26,7 @@ To declare this entity in your AWS CloudFormation template, use the following sy #### RoleId -Unique identifier of the role that the data lake can use to access the data stores.Required if specifying cloudProviderConfig. +Unique identifier of the role that the Atlas Data Federation can use to access the data stores.Required if specifying cloudProviderConfig. _Required_: No diff --git a/cfn-resources/federated-database-instance/docs/collection.md b/cfn-resources/federated-database-instance/docs/collection.md index 38a01f5fc..0f26da4d1 100644 --- a/cfn-resources/federated-database-instance/docs/collection.md +++ b/cfn-resources/federated-database-instance/docs/collection.md @@ -27,7 +27,7 @@ To declare this entity in your AWS CloudFormation template, use the following sy #### DataSources -Array that contains the data stores that map to a collection for this data lake. +Array that contains the data stores that map to a collection for this Atlas Data Federation. _Required_: No diff --git a/cfn-resources/federated-database-instance/docs/database.md b/cfn-resources/federated-database-instance/docs/database.md index 1ef7abd03..c1ea790b1 100644 --- a/cfn-resources/federated-database-instance/docs/database.md +++ b/cfn-resources/federated-database-instance/docs/database.md @@ -50,7 +50,7 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### Name -Human-readable label that identifies the database to which the data lake maps data. +Human-readable label that identifies the database to which the Atlas Data Federation maps data. _Required_: No 
diff --git a/cfn-resources/federated-database-instance/docs/dataprocessregion.md b/cfn-resources/federated-database-instance/docs/dataprocessregion.md index 6136c7a5f..b06ed94b7 100644 --- a/cfn-resources/federated-database-instance/docs/dataprocessregion.md +++ b/cfn-resources/federated-database-instance/docs/dataprocessregion.md @@ -1,6 +1,6 @@ # MongoDB::Atlas::FederatedDatabaseInstance DataProcessRegion -Information about the cloud provider region to which the data lake routes client connections. MongoDB Cloud supports AWS only. +Information about the cloud provider region to which the Atlas Data Federation routes client connections. MongoDB Cloud supports AWS only. ## Syntax @@ -26,7 +26,7 @@ To declare this entity in your AWS CloudFormation template, use the following sy #### CloudProvider -Name of the cloud service that hosts the data lake's data stores. +Name of the cloud service that hosts the Atlas Data Federation data stores. _Required_: No @@ -36,7 +36,7 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### Region -Name of the region to which the data lake routes client connections. +Name of the region to which the Atlas Data Federation routes client connections. _Required_: Yes diff --git a/cfn-resources/federated-database-instance/docs/datasource.md b/cfn-resources/federated-database-instance/docs/datasource.md index 8bfd19d3d..6cf4ed565 100644 --- a/cfn-resources/federated-database-instance/docs/datasource.md +++ b/cfn-resources/federated-database-instance/docs/datasource.md 
@@ -127,7 +127,7 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### Urls -URLs of the publicly accessible data files. You can't specify URLs that require authentication. Atlas Data Lake creates a partition for each URL. If empty or omitted, Data Lake uses the URLs from the store specified in the dataSources.storeName parameter. +URLs of the publicly accessible data files. You can't specify URLs that require authentication. Atlas Data Federation creates a partition for each URL. If empty or omitted, Data Federation uses the URLs from the store specified in the dataSources.storeName parameter. _Required_: No diff --git a/cfn-resources/federated-database-instance/docs/readpreference.md b/cfn-resources/federated-database-instance/docs/readpreference.md index fab6d9126..18c720ddd 100644 --- a/cfn-resources/federated-database-instance/docs/readpreference.md +++ b/cfn-resources/federated-database-instance/docs/readpreference.md @@ -49,7 +49,7 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### TagSets -List that contains tag sets or tag specification documents. If specified, Atlas Data Lake routes read requests to replica set member or members that are associated with the specified tags. +List that contains tag sets or tag specification documents. If specified, Atlas Data Federation routes read requests to replica set member or members that are associated with the specified tags. _Required_: No diff --git a/cfn-resources/federated-database-instance/docs/storage.md b/cfn-resources/federated-database-instance/docs/storage.md index 8ee7587db..6b81bc169 100644 --- a/cfn-resources/federated-database-instance/docs/storage.md +++ b/cfn-resources/federated-database-instance/docs/storage.md 
@@ -28,7 +28,7 @@ To declare this entity in your AWS CloudFormation template, use the following sy #### Databases -Array that contains the queryable databases and collections for this data lake. +Array that contains the queryable databases and collections for this Atlas Data Federation. _Required_: No @@ -38,7 +38,7 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### Stores -Array that contains the data stores for the data lake. +Array that contains the data stores for the Atlas Data Federation. _Required_: No diff --git a/cfn-resources/federated-database-instance/docs/store.md b/cfn-resources/federated-database-instance/docs/store.md index 75cb7392b..fd177ab10 100644 --- a/cfn-resources/federated-database-instance/docs/store.md +++ b/cfn-resources/federated-database-instance/docs/store.md @@ -1,6 +1,6 @@ # MongoDB::Atlas::FederatedDatabaseInstance Store -Array that contains the data stores for the data lake. +Array that contains the data stores for the Atlas Data Federation. ## Syntax @@ -32,7 +32,7 @@ To declare this entity in your AWS CloudFormation template, use the following sy #### Name -Human-readable label that identifies the data store. The databases.[n].collections.[n].dataSources.[n].storeName field references this values as part of the mapping configuration. To use MongoDB Cloud as a data store, the data lake requires a serverless instance or an M10 or higher cluster. +Human-readable label that identifies the data store. The databases.[n].collections.[n].dataSources.[n].storeName field references this values as part of the mapping configuration. To use MongoDB Cloud as a data store, the Atlas Data Federation requires a serverless instance or an M10 or higher cluster. _Required_: No diff --git a/cfn-resources/federated-database-instance/mongodb-atlas-federateddatabaseinstance.json b/cfn-resources/federated-database-instance/mongodb-atlas-federateddatabaseinstance.json index 7dd11c99d..76bc0228b 100644 
--- a/cfn-resources/federated-database-instance/mongodb-atlas-federateddatabaseinstance.json +++ b/cfn-resources/federated-database-instance/mongodb-atlas-federateddatabaseinstance.json @@ -3,23 +3,23 @@ "definitions": { "CloudProviderConfig": { "type": "object", - "description": "Cloud provider linked to this data lake..", + "description": "Cloud provider linked to this Atlas Data Federation.", "properties": { "ExternalId": { "type": "string", - "description": "Unique identifier of the role that the data lake can use to access the data stores.Required if specifying cloudProviderConfig." + "description": "Unique identifier of the role that the Atlas Data Federation can use to access the data stores.Required if specifying cloudProviderConfig." }, "IamAssumedRoleARN": { "type": "string", - "description": "Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that the data lake assumes when accessing data stores." + "description": "Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that the Atlas Data Federation assumes when accessing data stores." }, "IamUserARN": { "type": "string", - "description": "Amazon Resource Name (ARN) of the user that the data lake assumes when accessing data stores." + "description": "Amazon Resource Name (ARN) of the user that the Atlas Data Federation assumes when accessing data stores." }, "RoleId": { "type": "string", - "description": "Unique identifier of the role that the data lake can use to access the data stores.Required if specifying cloudProviderConfig." + "description": "Unique identifier of the role that the Atlas Data Federation can use to access the data stores.Required if specifying cloudProviderConfig." }, "TestS3Bucket": { "type": "string", 
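Review bot: The reworded `ExternalId` description still reads "Unique identifier of the role that the Atlas Data Federation can use to access the data stores", word for word the same as `RoleId` a few lines below, so it looks like a copy-paste rather than a description of the field. In an AWS trust policy the external ID is the value matched by the `sts:ExternalId` condition when the role is assumed, and a reader who takes it for a role identifier may leave that condition out of the role they create. Consider something like `"description": "External ID that MongoDB Cloud presents when it assumes the IAM role; reference it in the role's trust policy condition."`, with the wording to be confirmed against the Atlas API reference. Both strings also lack a space in `data stores.Required`.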
@@ -30,15 +30,15 @@ }, "DataProcessRegion": { "type": "object", - "description": "Information about the cloud provider region to which the data lake routes client connections. MongoDB Cloud supports AWS only.", + "description": "Information about the cloud provider region to which the Atlas Data Federation routes client connections. MongoDB Cloud supports AWS only.", "properties": { "CloudProvider": { "type": "string", - "description": "Name of the cloud service that hosts the data lake's data stores." + "description": "Name of the cloud service that hosts the Atlas Data Federation data stores." }, "Region": { "type": "string", - "description": "Name of the region to which the data lake routes client connections." + "description": "Name of the region to which the Atlas Data Federation routes client connections." } }, "required": [ @@ -53,7 +53,7 @@ "Databases": { "type": "array", "insertionOrder": false, - "description": "Array that contains the queryable databases and collections for this data lake.", + "description": "Array that contains the queryable databases and collections for this Atlas Data Federation.", "items": { "$ref": "#/definitions/Database", "type": "object" @@ -62,7 +62,7 @@ "Stores": { "type": "array", "insertionOrder": false, - "description": "Array that contains the data stores for the data lake.", + "description": "Array that contains the data stores for the Atlas Data Federation.", "items": { "$ref": "#/definitions/Store", "type": "object" @@ -89,7 +89,7 @@ }, "Name": { "type": "string", - "description": "Human-readable label that identifies the database to which the data lake maps data." + "description": "Human-readable label that identifies the database to which the Atlas Data Federation maps data." }, "Views": { "type": "array", 
@@ -105,11 +105,11 @@ }, "Store": { "type": "object", - "description": "Array that contains the data stores for the data lake.", + "description": "Array that contains the data stores for the Atlas Data Federation.", "properties": { "Name": { "type": "string", - "description": "Human-readable label that identifies the data store. The databases.[n].collections.[n].dataSources.[n].storeName field references this values as part of the mapping configuration. To use MongoDB Cloud as a data store, the data lake requires a serverless instance or an M10 or higher cluster." + "description": "Human-readable label that identifies the data store. The databases.[n].collections.[n].dataSources.[n].storeName field references this values as part of the mapping configuration. To use MongoDB Cloud as a data store, the Atlas Data Federation requires a serverless instance or an M10 or higher cluster." }, "Provider": { "type": "string", @@ -137,7 +137,7 @@ "properties": { "DataSources": { "type": "array", - "description": "Array that contains the data stores that map to a collection for this data lake.", + "description": "Array that contains the data stores that map to a collection for this Atlas Data Federation.", "insertionOrder": false, "items": { "$ref": "#/definitions/DataSource", @@ -192,7 +192,7 @@ }, "Urls": { "type": "array", - "description": "URLs of the publicly accessible data files. You can't specify URLs that require authentication. Atlas Data Lake creates a partition for each URL. If empty or omitted, Data Lake uses the URLs from the store specified in the dataSources.storeName parameter.", + "description": "URLs of the publicly accessible data files. You can't specify URLs that require authentication. Atlas Data Federation creates a partition for each URL. If empty or omitted, Data Federation uses the URLs from the store specified in the dataSources.storeName parameter.", "insertionOrder": false, "items": { "type": "string" 
@@ -232,7 +232,7 @@ }, "TagSets": { "type": "array", - "description": "List that contains tag sets or tag specification documents. If specified, Atlas Data Lake routes read requests to replica set member or members that are associated with the specified tags.", + "description": "List that contains tag sets or tag specification documents. If specified, Atlas Data Federation routes read requests to replica set member or members that are associated with the specified tags.", "insertionOrder": false, "items": { "$ref": "#/definitions/ReadReferenceTags" @@ -295,12 +295,12 @@ "properties": { "CloudProviderConfig": { "type": "object", - "description": "Cloud provider linked to this data lake.", + "description": "Cloud provider linked to this Atlas Data Federation.", "$ref": "#/definitions/CloudProviderConfig" }, "DataProcessRegion": { "type": "object", - "description": "Information about the cloud provider region to which the data lake routes client connections. MongoDB Cloud supports AWS only.", + "description": "Information about the cloud provider region to which the Atlas Data Federation routes client connections. MongoDB Cloud supports AWS only.", "$ref": "#/definitions/DataProcessRegion" }, "ProjectId": { diff --git a/cfn-resources/federated-database-instance/resource-role.yaml b/cfn-resources/federated-database-instance/resource-role.yaml index 87ec5ce9a..9edd81d76 100644 --- a/cfn-resources/federated-database-instance/resource-role.yaml +++ b/cfn-resources/federated-database-instance/resource-role.yaml @@ -15,6 +15,13 @@ Resources: Principal: Service: resources.cloudformation.amazonaws.com Action: sts:AssumeRole + Condition: + StringEquals: + aws:SourceAccount: + Ref: AWS::AccountId + StringLike: + aws:SourceArn: + Fn::Sub: arn:${AWS::Partition}:cloudformation:${AWS::Region}:${AWS::AccountId}:type/resource/MongoDB-Atlas-FederatedDatabaseInstance/* Path: "/" Policies: - PolicyName: ResourceTypePolicy 
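Review bot: The `Condition` block added to the trust policy in `resource-role.yaml` carries no comment and is not covered by the commit subject ("remove data lake references"), so the reason for this security-relevant change is easy to lose. As written it limits `sts:AssumeRole` to CloudFormation acting for this account (`aws:SourceAccount`) and for the `MongoDB-Atlas-FederatedDatabaseInstance` type (`aws:SourceArn`), which is the usual confused-deputy guard for a service principal. Because the ARN pattern embeds `${AWS::Region}`, a role created from this template can presumably be assumed only for the type registered in the stack's own region, which matters if one role is shared across regions. Suggested comment above `Condition:`: `# Confused-deputy guard: only this account's FederatedDatabaseInstance type in this region may assume the role`; if the file is regenerated by `cfn generate`, record the reason in the commit description instead. The `Resources` block starts and the `ResourceTypePolicy` statements continue outside the hunk.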
diff --git a/cfn-resources/federated-database-instance/test/data-federation.basic.cfn.template.json b/cfn-resources/federated-database-instance/test/data-federation.basic.cfn.template.json index 00d9956a0..e11cf71a8 100644 --- a/cfn-resources/federated-database-instance/test/data-federation.basic.cfn.template.json +++ b/cfn-resources/federated-database-instance/test/data-federation.basic.cfn.template.json @@ -1,6 +1,6 @@ { "AWSTemplateFormatVersion": "2010-09-09", - "Description": "This template creates an Atlas Data Lake in the specified project", + "Description": "This template creates an Atlas Data Federation in the specified project", "Parameters": { "Profile": { "Type": "String", diff --git a/cfn-resources/federated-database-instance/test/data-federation.cfn.template.json b/cfn-resources/federated-database-instance/test/data-federation.cfn.template.json index bc1e72896..2b4830844 100644 --- a/cfn-resources/federated-database-instance/test/data-federation.cfn.template.json +++ b/cfn-resources/federated-database-instance/test/data-federation.cfn.template.json @@ -1,6 +1,6 @@ { "AWSTemplateFormatVersion": "2010-09-09", - "Description": "This template creates an Atlas Data Lake in the specified project", + "Description": "This template creates an Atlas Data Federation in the specified project", "Parameters": { "Profile": { "Type": "String", diff --git a/cfn-resources/private-endpoint-adl/.rpdk-config b/cfn-resources/private-endpoint-adl/.rpdk-config deleted file mode 100644 index 11c02dbc9..000000000 --- a/cfn-resources/private-endpoint-adl/.rpdk-config +++ /dev/null 
@@ -1,17 +0,0 @@ -{ - "typeName": "MongoDB::Atlas::PrivateEndpointADL", - "language": "go", - "runtime": "provided.al2", - "entrypoint": "bootstrap", - "testEntrypoint": "bootstrap", - "settings": { - "version": false, - "subparser_name": null, - "verbose": 0, - "force": false, - "type_name": null, - "import_path": "github.com/mongodb/mongodbatlas-cloudformation-resources/private-endpoint-adl", - "protocolVersion": "2.0.0", - "pluginVersion": "2.0.4" - } -} diff --git a/cfn-resources/private-endpoint-adl/Makefile b/cfn-resources/private-endpoint-adl/Makefile deleted file mode 100644 index 6df18d210..000000000 --- a/cfn-resources/private-endpoint-adl/Makefile +++ /dev/null @@ -1,19 +0,0 @@ -.PHONY: build test clean -tags=logging callback metrics scheduler -cgo=0 -goos=linux -goarch=amd64 -CFNREP_GIT_SHA?=$(shell git rev-parse HEAD) -ldXflags=-s -w -X github.com/mongodb/mongodbatlas-cloudformation-resources/util.defaultLogLevel=info -X github.com/mongodb/mongodbatlas-cloudformation-resources/version.Version=${CFNREP_GIT_SHA} -ldXflagsD=-X github.com/mongodb/mongodbatlas-cloudformation-resources/util.defaultLogLevel=debug -X github.com/mongodb/mongodbatlas-cloudformation-resources/version.Version=${CFNREP_GIT_SHA} - -build: - cfn generate - env GOOS=$(goos) CGO_ENABLED=$(cgo) GOARCH=$(goarch) go build -ldflags="$(ldXflags)" -tags="$(tags)" -o bin/bootstrap cmd/main.go - -debug: - cfn generate - env GOOS=$(goos) CGO_ENABLED=$(cgo) GOARCH=$(goarch) go build -ldflags="$(ldXflagsD)" -tags="$(tags)" -o bin/bootstrap cmd/main.go - -clean: - rm -rf bin diff --git a/cfn-resources/private-endpoint-adl/README.md b/cfn-resources/private-endpoint-adl/README.md deleted file mode 100644 index 26cc35520..000000000 --- a/cfn-resources/private-endpoint-adl/README.md +++ /dev/null 
@@ -1,17 +0,0 @@ -# MongoDB::Atlas::PrivateEndpointADL - -## Description -Resource for managing [Private Endpoints for Federated Database Instances and Online Archives](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/group/endpoint-data-federation-private-networks). - -## Requirements - -Set up an AWS profile to securely give CloudFormation access to your Atlas credentials. -For instructions on setting up a profile, [see here](/README.md#mongodb-atlas-api-keys-credential-management). - -## Attributes and Parameters - -See the [resource docs](docs/README.md). - -## Cloudformation Examples - -See the examples [CFN Template](/examples/private-endpoint-adl/endpoint-adl.json) for example resource. diff --git a/cfn-resources/private-endpoint-adl/cmd/main.go b/cfn-resources/private-endpoint-adl/cmd/main.go deleted file mode 100644 index 3c7a1afbb..000000000 --- a/cfn-resources/private-endpoint-adl/cmd/main.go +++ /dev/null 
@@ -1,85 +0,0 @@ -// Code generated by 'cfn generate', changes will be undone by the next invocation. DO NOT EDIT. -package main - -import ( - "errors" - "fmt" - "log" - - "github.com/aws-cloudformation/cloudformation-cli-go-plugin/cfn" - "github.com/aws-cloudformation/cloudformation-cli-go-plugin/cfn/handler" - "github.com/mongodb/mongodbatlas-cloudformation-resources/private-endpoint-adl/cmd/resource" -) - -// Handler is a container for the CRUDL actions exported by resources -type Handler struct{} - -// Create wraps the related Create function exposed by the resource code -func (r *Handler) Create(req handler.Request) handler.ProgressEvent { - return wrap(req, resource.Create) -} - -// Read wraps the related Read function exposed by the resource code -func (r *Handler) Read(req handler.Request) handler.ProgressEvent { - return wrap(req, resource.Read) -} - -// Update wraps the related Update function exposed by the resource code -func (r *Handler) Update(req handler.Request) handler.ProgressEvent { - return wrap(req, resource.Update) -} - -// Delete wraps the related Delete function exposed by the resource code -func (r *Handler) Delete(req handler.Request) handler.ProgressEvent { - return wrap(req, resource.Delete) -} - -// List wraps the related List function exposed by the resource code -func (r *Handler) List(req handler.Request) handler.ProgressEvent { - return wrap(req, resource.List) -} - -// main is the entry point of the application. 
-func main() { - cfn.Start(&Handler{}) -} - -type handlerFunc func(handler.Request, *resource.Model, *resource.Model) (handler.ProgressEvent, error) - -func wrap(req handler.Request, f handlerFunc) (response handler.ProgressEvent) { - defer func() { - // Catch any panics and return a failed ProgressEvent - if r := recover(); r != nil { - err, ok := r.(error) - if !ok { - err = errors.New(fmt.Sprint(r)) - } - - log.Printf("Trapped error in handler: %v", err) - - response = handler.NewFailedEvent(err) - } - }() - - // Populate the previous model - prevModel := &resource.Model{} - if err := req.UnmarshalPrevious(prevModel); err != nil { - log.Printf("Error unmarshaling prev model: %v", err) - return handler.NewFailedEvent(err) - } - - // Populate the current model - currentModel := &resource.Model{} - if err := req.Unmarshal(currentModel); err != nil { - log.Printf("Error unmarshaling model: %v", err) - return handler.NewFailedEvent(err) - } - - response, err := f(req, prevModel, currentModel) - if err != nil { - log.Printf("Error returned from handler function: %v", err) - return handler.NewFailedEvent(err) - } - - return response -} diff --git a/cfn-resources/private-endpoint-adl/cmd/resource/model.go b/cfn-resources/private-endpoint-adl/cmd/resource/model.go deleted file mode 100644 index 8fbc27d19..000000000 --- a/cfn-resources/private-endpoint-adl/cmd/resource/model.go +++ /dev/null @@ -1,13 +0,0 @@ -// Code generated by 'cfn generate', changes will be undone by the next invocation. DO NOT EDIT. -// Updates to this type are made my editing the schema file and executing the 'generate' command. -package resource - -// Model is autogenerated from the json schema -type Model struct { - Profile *string `json:",omitempty"` - ProjectId *string `json:",omitempty"` - Comment *string `json:",omitempty"` - EndpointId *string `json:",omitempty"` - Provider *string `json:",omitempty"` - Type *string `json:",omitempty"` -} 
diff --git a/cfn-resources/private-endpoint-adl/cmd/resource/resource.go b/cfn-resources/private-endpoint-adl/cmd/resource/resource.go
deleted file mode 100644
index 92ce3e895..000000000
--- a/cfn-resources/private-endpoint-adl/cmd/resource/resource.go
+++ /dev/null
@@ -1,210 +0,0 @@
-// Copyright 2023 MongoDB Inc
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package resource
-
-import (
- "context"
- "errors"
- "net/http"
-
- "github.com/aws-cloudformation/cloudformation-cli-go-plugin/cfn/handler"
- "github.com/aws/aws-sdk-go/aws"
- "github.com/aws/aws-sdk-go/service/cloudformation"
- "github.com/mongodb/mongodbatlas-cloudformation-resources/util"
- "github.com/mongodb/mongodbatlas-cloudformation-resources/util/constants"
- "github.com/mongodb/mongodbatlas-cloudformation-resources/util/progressevent"
- "github.com/mongodb/mongodbatlas-cloudformation-resources/util/validator"
- admin20231115014 "go.mongodb.org/atlas-sdk/v20231115014/admin"
-)
-
-var RequiredFields = []string{constants.ProjectID, constants.EndpointID}
-var ListRequiredFields = []string{constants.ProjectID}
-
-// function to validate inputs to all actions
-func validateAndDefaultRequest(fields []string, model *Model) *handler.ProgressEvent {
- if model.Type == nil {
- model.Type = aws.String(constants.DataLake)
- }
- if model.Provider == nil {
- model.Provider = aws.String(constants.AWS)
- }
- return validator.ValidateModel(fields, model)
-}
-
-func setup() {
- util.SetupLogger("mongodb-atlas-private-endpoint-adl")
-}
-
-// Create handles the Create event from the Cloudformation service.
-func Create(req handler.Request, prevModel *Model, currentModel *Model) (handler.ProgressEvent, error) {
- setup()
- validationError := validateAndDefaultRequest(RequiredFields, currentModel)
- if validationError != nil {
- return *validationError, nil
- }
-
- util.SetDefaultProfileIfNotDefined(¤tModel.Profile)
- client, peErr := util.NewAtlasClient(&req, currentModel.Profile)
- if peErr != nil {
- return *peErr, nil
- }
-
- alreadyExists, pe := resourceAlreadyExists(*client, *currentModel)
- if pe != nil {
- return *pe, nil
- }
-
- if alreadyExists {
- return progressevent.GetFailedEventByCode("resource Already exists", cloudformation.HandlerErrorCodeAlreadyExists), nil
- }
-
- ctx := context.Background()
-
- requestBody := admin20231115014.PrivateNetworkEndpointIdEntry{
- Provider: currentModel.Provider,
- Type: currentModel.Type,
- EndpointId: *currentModel.EndpointId,
- Comment: currentModel.Comment,
- }
- _, resp, err := client.Atlas20231115014.DataFederationApi.CreateDataFederationPrivateEndpoint(ctx, *currentModel.ProjectId, &requestBody).Execute()
- if err != nil {
- return progressevent.GetFailedEventByResponse(err.Error(), resp), nil
- }
- event := handler.ProgressEvent{
- OperationStatus: handler.Success,
- Message: "Created Private Link ADL",
- ResourceModel: currentModel,
- }
- return event, nil
-}
-
-func resourceAlreadyExists(client util.MongoDBClient, currentModel Model) (bool, *handler.ProgressEvent) {
- _, resp, err := client.Atlas20231115014.DataFederationApi.GetDataFederationPrivateEndpoint(context.Background(), *currentModel.ProjectId, *currentModel.EndpointId).Execute()
- if err != nil {
- if apiError, ok := admin20231115014.AsError(err); ok && *apiError.Error == http.StatusNotFound {
- return false, nil
- }
-
- pe := progressevent.GetFailedEventByResponse(err.Error(), resp)
- return false, &pe
- }
-
- return true, nil
-}
-
-// Read handles the Read event from the Cloudformation service.
-func Read(req handler.Request, prevModel *Model, currentModel *Model) (handler.ProgressEvent, error) { - setup() - if currentModel.EndpointId == nil { - return progressevent.GetFailedEventByResponse("required field missing. Resource not found", &http.Response{ - StatusCode: http.StatusNotFound, - }), nil - } - validationError := validateAndDefaultRequest(RequiredFields, currentModel) - if validationError != nil { - return *validationError, nil - } - - util.SetDefaultProfileIfNotDefined(¤tModel.Profile) - client, peErr := util.NewAtlasClient(&req, currentModel.Profile) - if peErr != nil { - return *peErr, nil - } - - ctx := context.Background() - dlEndpoint, resp, err := client.Atlas20231115014.DataFederationApi.GetDataFederationPrivateEndpoint(ctx, *currentModel.ProjectId, *currentModel.EndpointId).Execute() - if err != nil { - return progressevent.GetFailedEventByResponse(err.Error(), resp), nil - } - - currentModel.Comment = dlEndpoint.Comment - currentModel.Type = dlEndpoint.Type - currentModel.Provider = dlEndpoint.Provider - event := handler.ProgressEvent{ - OperationStatus: handler.Success, - Message: "Read Private Link ADL", - ResourceModel: currentModel, - } - return event, nil -} - -// Update handles the Update event from the Cloudformation service. -func Update(req handler.Request, prevModel *Model, currentModel *Model) (handler.ProgressEvent, error) { - return handler.ProgressEvent{}, errors.New("not implemented: update") -} - -// Delete handles the Delete event from the Cloudformation service. 
-func Delete(req handler.Request, prevModel *Model, currentModel *Model) (handler.ProgressEvent, error) { - setup() - validationError := validateAndDefaultRequest(RequiredFields, currentModel) - if validationError != nil { - return *validationError, nil - } - - util.SetDefaultProfileIfNotDefined(¤tModel.Profile) - client, peErr := util.NewAtlasClient(&req, currentModel.Profile) - if peErr != nil { - return *peErr, nil - } - - ctx := context.Background() - _, resp, err := client.Atlas20231115014.DataFederationApi.DeleteDataFederationPrivateEndpoint(ctx, *currentModel.ProjectId, *currentModel.EndpointId).Execute() - if err != nil { - return progressevent.GetFailedEventByResponse(err.Error(), resp), nil - } - event := handler.ProgressEvent{ - OperationStatus: handler.Success, - Message: "delete data lake endpoint", - } - return event, nil -} - -// List handles the List event from the Cloudformation service. -func List(req handler.Request, prevModel *Model, currentModel *Model) (handler.ProgressEvent, error) { - setup() - validationError := validateAndDefaultRequest(ListRequiredFields, currentModel) - if validationError != nil { - return *validationError, nil - } - - util.SetDefaultProfileIfNotDefined(¤tModel.Profile) - client, peErr := util.NewAtlasClient(&req, currentModel.Profile) - if peErr != nil { - return *peErr, nil - } - - ctx := context.Background() - list, resp, err := client.Atlas20231115014.DataFederationApi.ListDataFederationPrivateEndpoints(ctx, *currentModel.ProjectId).Execute() - if err != nil { - return progressevent.GetFailedEventByResponse(err.Error(), resp), nil - } - models := make([]any, 0, len(list.GetResults())) - for _, v := range list.GetResults() { - models = append(models, &Model{ - ProjectId: currentModel.ProjectId, - Profile: currentModel.Profile, - Comment: v.Comment, - EndpointId: admin20231115014.PtrString(v.GetEndpointId()), - Provider: v.Provider, - Type: v.Type, - }) - } - event := handler.ProgressEvent{ - OperationStatus: 
handler.Success, - Message: "list data lake endpoints", - ResourceModels: models, - } - return event, nil -} diff --git a/cfn-resources/private-endpoint-adl/docs/README.md b/cfn-resources/private-endpoint-adl/docs/README.md deleted file mode 100644 index 6d098454a..000000000 --- a/cfn-resources/private-endpoint-adl/docs/README.md +++ /dev/null @@ -1,101 +0,0 @@ -# MongoDB::Atlas::PrivateEndpointADL - -Adds one private endpoint for Federated Database Instances and Online Archives to the specified projects. To use this resource, the requesting API Key must have the Project Atlas Admin or Project Charts Admin roles. This resource doesn't require the API Key to have an Access List. - -## Syntax - -To declare this entity in your AWS CloudFormation template, use the following syntax: - -### JSON - -
-{
-    "Type" : "MongoDB::Atlas::PrivateEndpointADL",
-    "Properties" : {
-        "Profile" : String,
-        "ProjectId" : String,
-        "Comment" : String,
-        "EndpointId" : String,
-        "Provider" : String,
-        "Type" : String
-    }
-}
-
- -### YAML - -
-Type: MongoDB::Atlas::PrivateEndpointADL
-Properties:
-    Profile: String
-    ProjectId: String
-    Comment: String
-    EndpointId: String
-    Provider: String
-    Type: String
-
- -## Properties - -#### Profile - -Profile used to provide credentials information, (a secret with the cfn/atlas/profile/{Profile}, is required), if not provided default is used - -_Required_: No - -_Type_: String - -_Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) - -#### ProjectId - -Unique 24-hexadecimal digit string that identifies your project. - -_Required_: Yes - -_Type_: String - -_Pattern_: ^([a-f0-9]{24})$ - -_Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) - -#### Comment - -Human-readable string to associate with this private endpoint. - -_Required_: No - -_Type_: String - -_Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) - -#### EndpointId - -Unique 22-character alphanumeric string that identifies the private endpoint. - -_Required_: No - -_Type_: String - -_Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) - -#### Provider - -Human-readable label that identifies the cloud service provider. Atlas Data Lake supports Amazon Web Services only. - -_Required_: Yes - -_Type_: String - -_Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) - -#### Type - -Human-readable label that identifies the resource type associated with this private endpoint. - -_Required_: No - -_Type_: String - -_Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) - 
diff --git a/cfn-resources/private-endpoint-adl/mongodb-atlas-privateendpointadl.json b/cfn-resources/private-endpoint-adl/mongodb-atlas-privateendpointadl.json
deleted file mode 100644
index 5c684fadf..000000000
--- a/cfn-resources/private-endpoint-adl/mongodb-atlas-privateendpointadl.json
+++ /dev/null
@@ -1,74 +0,0 @@ -{ - "typeName": "MongoDB::Atlas::PrivateEndpointADL", - "description": "Adds one private endpoint for Federated Database Instances and Online Archives to the specified projects. To use this resource, the requesting API Key must have the Project Atlas Admin or Project Charts Admin roles. This resource doesn't require the API Key to have an Access List.", - "handlers": { - "create": { - "permissions": [ - "secretsmanager:GetSecretValue" - ] - }, - "delete": { - "permissions": [ - "secretsmanager:GetSecretValue" - ] - }, - "list": { - "permissions": [ - "secretsmanager:GetSecretValue" - ] - }, - "read": { - "permissions": [ - "secretsmanager:GetSecretValue" - ] - } - }, - "sourceUrl": "https://github.com/mongodb/mongodbatlas-cloudformation-resources/tree/master/cfn-resources/private-endpoint-adl", - "properties": { - "Profile": { - "type": "string", - "description": "Profile used to provide credentials information, (a secret with the cfn/atlas/profile/{Profile}, is required), if not provided default is used", - "default": "default" - }, - "ProjectId": { - "description": "Unique 24-hexadecimal digit string that identifies your project.", - "type": "string", - "pattern": "^([a-f0-9]{24})$" - }, - "Comment": { - "description": "Human-readable string to associate with this private endpoint.", - "type": "string" - }, - "EndpointId": { - "description": "Unique 22-character alphanumeric string that identifies the private endpoint.", - "type": "string" - }, - "Provider": { - "description": "Human-readable label that identifies the cloud service provider. 
Atlas Data Lake supports Amazon Web Services only.", - "type": "string" - }, - "Type": { - "description": "Human-readable label that identifies the resource type associated with this private endpoint.", - "type": "string" - } - }, - "additionalProperties": false, - "required": [ - "Provider", - "ProjectId" - ], - "createOnlyProperties": [ - "/properties/EndpointId", - "/properties/Profile", - "/properties/ProjectId" - ], - "primaryIdentifier": [ - "/properties/EndpointId", - "/properties/ProjectId", - "/properties/Profile" - ], - "documentationUrl": "https://github.com/mongodb/mongodbatlas-cloudformation-resources/blob/master/cfn-resources/private-endpoint-adl/README.md", - "tagging": { - "taggable": false - } -} diff --git a/cfn-resources/private-endpoint-adl/resource-role.yaml b/cfn-resources/private-endpoint-adl/resource-role.yaml deleted file mode 100644 index 0b0f2cd8f..000000000 --- a/cfn-resources/private-endpoint-adl/resource-role.yaml +++ /dev/null @@ -1,38 +0,0 @@ -AWSTemplateFormatVersion: "2010-09-09" -Description: > - This CloudFormation template creates a role assumed by CloudFormation - during CRUDL operations to mutate resources on behalf of the customer. - -Resources: - ExecutionRole: - Type: AWS::IAM::Role - Properties: - MaxSessionDuration: 8400 - AssumeRolePolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Principal: - Service: resources.cloudformation.amazonaws.com - Action: sts:AssumeRole - Condition: - StringEquals: - aws:SourceAccount: - Ref: AWS::AccountId - StringLike: - aws:SourceArn: - Fn::Sub: arn:${AWS::Partition}:cloudformation:${AWS::Region}:${AWS::AccountId}:type/resource/MongoDB-Atlas-PrivateEndpointADL/* - Path: "/" - Policies: - - PolicyName: ResourceTypePolicy - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - "secretsmanager:GetSecretValue" - Resource: "*" -Outputs: - ExecutionRoleArn: - Value: - Fn::GetAtt: ExecutionRole.Arn 
diff --git a/cfn-resources/private-endpoint-adl/template.yml b/cfn-resources/private-endpoint-adl/template.yml deleted file mode 100644 index cb262b407..000000000 --- a/cfn-resources/private-endpoint-adl/template.yml +++ /dev/null @@ -1,29 +0,0 @@ -AWSTemplateFormatVersion: "2010-09-09" -Transform: AWS::Serverless-2016-10-31 -Description: AWS SAM template for the MongoDB::Atlas::DataLakeLink resource type - -Globals: - Function: - Timeout: 180 # docker start-up times can be long for SAM CLI - MemorySize: 256 - -Resources: - TypeFunction: - Type: AWS::Serverless::Function - Properties: - Handler: bootstrap - Runtime: provided.al2 - CodeUri: bin/ - - TestEntrypoint: - Type: AWS::Serverless::Function - Properties: - Handler: bootstrap - Runtime: provided.al2 - CodeUri: bin/ - Environment: - Variables: - MODE: Test - LOG_LEVEL: debug - MONGODB_ATLAS_BASE_URL: - diff --git a/cfn-resources/private-endpoint-adl/test/README.md b/cfn-resources/private-endpoint-adl/test/README.md deleted file mode 100644 index 4f0a706ed..000000000 --- a/cfn-resources/private-endpoint-adl/test/README.md +++ /dev/null 
@@ -1,75 +0,0 @@ -## MongoDB::Atlas::PrivateEndpointADL - -### Impact -The following components use this resource and are potentially impacted by any changes. They should also be validated to ensure the changes do not cause a regression. --Private endpoint adl L1 CDK constructor - - - -### Resources (and parameters for local tests) needed to manually QA: -The private endpoint id is to be manually provided. -- Atlas project (created by cfn-testing-helper.sh) -- Private endpoint id (AWS_VPC_ENDPOINT) - -## Manual QA: - -### Prerequisite steps: -1. You need a private VPC endpoint to test this resource: - - **a) [Recommended] Option1: Create a new test VPC with VPC endpoint in AWS:** - - i) Go to the AWS VPC console and click on Create VPC. - - ii) Refer to the [configuration here](https://user-images.githubusercontent.com/122359335/227306518-26eb8155-db09-4db1-8e7d-7a4a9eb1548d.png). This will have AWS quickly spin up a new VPC with private subnets and endpoints. Also select Enable DNS hostnames and Enable DNS resolution boxes. - - iii) Once VPC creation is done, navigate to the Endpoints section under the VPC console and search for the created endpoint with your VPC ID. Note the VPC endpoint ID with Service name as “com.amazonaws.vpce.us-east-1.*” - - **b) Option 2: Use an existing VPC with private subnet and create endpoint using AWS CLI:** - - i) In Atlas UI, navigate to your project -> Network Access -> Private Endpoint -> click on tab Federated Database Instance / Online Archive -> Create New Endpoint button. - - ii) Follow UI prompts to select AWS region and add your VPC and subnet IDs ([see screenshot](https://user-images.githubusercontent.com/122359335/227306584-3205de0c-a0a3-4d79-a20a-925630f10b85.png)) - - iii) Copy and run the command mentioned in the UI prompt to create VPC Interface Endpoint. - - iv) Note your VPCEndpointId from the response. - - -2. Export AWS_VPC_ENDPOINT environment variable with value as the VPCEndpointId from #1. 
- -### Steps to test: -1. Follow general [prerequisites](../../../TESTING.md#prerequisites) for testing CFN resources. -2. Follow [general steps](../../../TESTING.md#steps) to test CFN resources. - -### Success criteria when testing the resource -1. Private Endpoint should be correctly set up in your Atlas Project as per configuration specified in the inputs/example: - -![image](https://user-images.githubusercontent.com/122359335/227305880-c6c70d20-7f38-4885-a3ed-1de7b4921aa3.png) - -2. General [CFN resource success criteria](../../../TESTING.md#success-criteria-when-testing-the-resource) should be satisfied. - -## Important Links -- [API Documentation](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/group/endpoint-private-endpoint-services) -- [Resource Usage Documentation](https://www.mongodb.com/docs/atlas/security-cluster-private-endpoint/#set-up-a-private-endpoint-for-a-dedicated-cluster) - -## Unit Testing Locally - -The local tests are integrated with the AWS `sam local` and `cfn invoke` tooling features: - -``` -sam local start-lambda --skip-pull-image -``` -then in another shell: -```bash -repo_root=$(git rev-parse --show-toplevel) -source <(${repo_root}/quickstart-mongodb-atlas/scripts/export-mongocli-config.py) -cd ${repo_root}/cfn-resources/private-endpoint-adl -./test/cluster.create-sample-cfn-request.sh YourProjectID YourClusterName > test.request.json -echo "Sample request:" -cat test.request.json -cfn invoke resource CREATE test.request.json -cfn invoke resource DELETE test.request.json -cd - -``` - -Both CREATE & DELETE tests must pass. \ No newline at end of file diff --git a/cfn-resources/private-endpoint-adl/test/cfn-test-create-inputs.sh b/cfn-resources/private-endpoint-adl/test/cfn-test-create-inputs.sh deleted file mode 100755 index 16518bf79..000000000 --- a/cfn-resources/private-endpoint-adl/test/cfn-test-create-inputs.sh +++ /dev/null 
@@ -1,104 +0,0 @@ -#!/usr/bin/env bash -# Copyright 2023 MongoDB Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# cfn-test-create-inputs.sh -# -# This tool generates json files in the inputs/ for `cfn test`. -# -set -o errexit -set -o nounset -set -o pipefail - -function usage { - echo "usage: cfn-test-create-inputs.sh " - echo "Creates a new Search Index" -} - -if [ "$#" -ne 1 ]; then usage; fi -if [[ "$*" == help ]]; then usage; fi - -rm -rf inputs -mkdir inputs - -projectName="${1}" -projectId=$(atlas projects list --output json | jq --arg NAME "${projectName}" -r '.results[] | select(.name==$NAME) | .id') -if [ -z "$projectId" ]; then - projectId=$(atlas projects create "${projectName}" --output=json | jq -r '.id') - - echo -e "Created project \"${projectName}\" with id: ${projectId}\n" -else - echo -e "FOUND project \"${projectName}\" with id: ${projectId}\n" -fi - -if ! test -v AWS_DEFAULT_REGION; then - region=$(aws configure get region) -else - region=$AWS_DEFAULT_REGION -fi - -#Getting Aws vpc and subnet -vpc_id=$(aws ec2 describe-vpcs --query "Vpcs[0].[VpcId]" --output text) -subnet_ids=$(aws ec2 describe-subnets --filters "Name=vpc-id,Values=$vpc_id" --output json) -subnet_id=$(echo "$subnet_ids" | jq -r '.Subnets[0].SubnetId') - -#creating atlas private endpoint -output=$(atlas privateEndpoints aws list --projectId "${projectId}" --output json) -private_endpoint_id="" -# Check if the output is empty -if [ "$(echo "$output" | jq -e '. 
| length == 0')" = true ]; then - echo "Empty" - # Execute the create command if the output is empty - create_output=$(atlas privateEndpoints aws create --region "${region}" --projectId "${projectId}" --output json) - private_endpoint_id=$(echo "$create_output" | jq -r '.id') - echo "Created endpoint with ID: $private_endpoint_id" - - # Poll and wait for the status to become "AVAILABLE" - while true; do - status=$(atlas privateEndpoints aws describe "$private_endpoint_id" --projectId "$projectId" --output json | jq -r '.status') - if [ "$status" = "AVAILABLE" ]; then - echo "Status: $status" - break - fi - echo "Status: $status (waiting for AVAILABLE)" - sleep 5 - done -else - # Use jq to extract the ID of the first result - private_endpoint_id=$(echo "$output" | jq -r '.[0].id') - echo "ID: $private_endpoint_id" -fi - -endpoint_service_id=$(atlas privateEndpoints aws describe "$private_endpoint_id" --projectId "$projectId" --output json | jq -r '.endpointServiceName') - -#creating aws private endpoint -aws_private_endpoint_id=$(aws ec2 create-vpc-endpoint \ - --vpc-id "$vpc_id" \ - --service-name "$endpoint_service_id" \ - --region "$region" \ - --subnet-ids "$subnet_id" \ - --vpc-endpoint-type Interface \ - --output json | jq -r '.VpcEndpoint.VpcEndpointId') - -WORDTOREMOVE="template." -cd "$(dirname "$0")" || exit -for inputFile in inputs_*; do - outputFile=${inputFile//$WORDTOREMOVE/} - jq --arg proj "$projectId" \ - --arg endpoint_id "$aws_private_endpoint_id" \ - '.ProjectId?|=$proj |.EndpointId?|=$endpoint_id' \ - "$inputFile" >"../inputs/$outputFile" -done -cd .. -ls -l inputs diff --git a/cfn-resources/private-endpoint-adl/test/cfn-test-delete-inputs.sh b/cfn-resources/private-endpoint-adl/test/cfn-test-delete-inputs.sh deleted file mode 100755 index ef7bb5b0f..000000000 --- a/cfn-resources/private-endpoint-adl/test/cfn-test-delete-inputs.sh +++ /dev/null 
@@ -1,72 +0,0 @@ -#!/usr/bin/env bash -# cfn-test-delete-inputs.sh -# -# This tool deletes the mongodb resources used for `cfn test` as inputs. - -set -o errexit -set -o nounset -set -o pipefail - -function usage { - echo "usage:$0 " -} - -projectId=$(jq -r '.ProjectId' ./inputs/inputs_1_create.json) -interfaceEndpointId=$(jq -r '.EndpointId' ./inputs/inputs_1_create.json) - -echo "STEP 1 DELETING UNUSED AWS PRIVATE ENDPOINT" - -aws ec2 delete-vpc-endpoints --vpc-endpoint-ids "$interfaceEndpointId" - -# Delete the VPC endpoint -echo "STEP 1 DELETING ATLAS PRIVATE ENDPOINTS" - -PRIVATE_ENDPOINTS=$(atlas privateEndpoints aws list --projectId "$projectId" --output json) -# Check if there are any private endpoints -if [[ "$PRIVATE_ENDPOINTS" == "[]" ]]; then - echo "No private endpoints found." -else - for ATLAS_PRIVATE_ENDPOINT_SERVICE in $(echo "$PRIVATE_ENDPOINTS" | jq -r '.[].id'); do - # Delete the VPC endpoint - echo "STEP 1.a DELETING INTERFACES FOR SERVICE $ATLAS_PRIVATE_ENDPOINT_SERVICE" - ENDPOINT_OUTPUT=$(atlas privateEndpoints aws describe "$ATLAS_PRIVATE_ENDPOINT_SERVICE" --projectId "$projectId" --output json) - if ! 
echo "$ENDPOINT_OUTPUT" | jq -e '.interfaceEndpoints' >/dev/null; then - echo "No interfaceEndpoints found for $ATLAS_PRIVATE_ENDPOINT_SERVICE" - echo "STEP 1.d deleting privateEndpoint Service " - atlas privateEndpoints aws delete "$ATLAS_PRIVATE_ENDPOINT_SERVICE" --projectId "$projectId" --force - else - for interfaceId in $(echo "$ENDPOINT_OUTPUT" | jq -r '.interfaceEndpoints[]'); do - echo "STEP 1.b DELETING INTERFACE $interfaceId FOR SERVICE $ATLAS_PRIVATE_ENDPOINT_SERVICE" - atlas privateEndpoints aws interface delete "$interfaceId" --endpointServiceId "$ATLAS_PRIVATE_ENDPOINT_SERVICE" --projectId "$projectId" --force - - sleep 20 #waiting until the connection gets rejected - echo "STEP 1.c DELETING aws private endpoint $interfaceId FOR SERVICE $ATLAS_PRIVATE_ENDPOINT_SERVICE" - aws ec2 delete-vpc-endpoints --vpc-endpoint-ids "$interfaceId" - done - fi - done -fi - -sleep 10 - -echo "STEP 2 waiting until all private endpoints get deleted" -while true; do - PRIVATE_ENDPOINTS=$(atlas privateEndpoints aws list --projectId "$projectId" --output json) - - # Check if PRIVATE_ENDPOINTS is an empty array - if [[ "$PRIVATE_ENDPOINTS" == "[]" ]]; then - echo "ALL PRIVATE ENDPOINTS HAVE BEEN DELETED" - break - fi - - # Optional: Add a delay before checking again (e.g., sleep for 10 seconds) - sleep 10 -done - -echo "STEP 3 deleting project" -# delete project -if atlas projects delete "$projectId" --force; then - echo "$projectId project deletion OK" -else - (echo "Failed cleaning project:$projectId" && exit 1) -fi diff --git a/cfn-resources/private-endpoint-adl/test/inputs_1_create.template.json b/cfn-resources/private-endpoint-adl/test/inputs_1_create.template.json deleted file mode 100644 index bee616287..000000000 --- a/cfn-resources/private-endpoint-adl/test/inputs_1_create.template.json +++ /dev/null 
@@ -1,8 +0,0 @@ -{ - "Comment": "materializeMonthlyProductSales1000", - "Provider": "AWS", - "Type": "DATA_LAKE", - "ProjectId": "", - "EndpointId": "", - "Profile": "default" -} \ No newline at end of file diff --git a/cfn-resources/privatelink-endpoint-service-data-federation-online-archive/docs/README.md b/cfn-resources/privatelink-endpoint-service-data-federation-online-archive/docs/README.md index ae62132dd..3edadd6b1 100644 --- a/cfn-resources/privatelink-endpoint-service-data-federation-online-archive/docs/README.md +++ b/cfn-resources/privatelink-endpoint-service-data-federation-online-archive/docs/README.md @@ -65,7 +65,7 @@ _Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/l Unique 22-character alphanumeric string that identifies the private endpoint.Reg ex ^vpce-[0-9a-f]{17}$ . -Atlas Data Lake supports Amazon Web Services private endpoints using the AWS PrivateLink feature. +Atlas Data Federation supports Amazon Web Services private endpoints using the AWS PrivateLink feature. _Required_: Yes diff --git a/cfn-resources/privatelink-endpoint-service-data-federation-online-archive/mongodb-atlas-privatelinkendpointservicedatafederationonlinearchive.json b/cfn-resources/privatelink-endpoint-service-data-federation-online-archive/mongodb-atlas-privatelinkendpointservicedatafederationonlinearchive.json index b13c298dd..d99fb3d23 100644 --- a/cfn-resources/privatelink-endpoint-service-data-federation-online-archive/mongodb-atlas-privatelinkendpointservicedatafederationonlinearchive.json +++ b/cfn-resources/privatelink-endpoint-service-data-federation-online-archive/mongodb-atlas-privatelinkendpointservicedatafederationonlinearchive.json 
@@ -18,7 +18,7 @@ }, "EndpointId": { "type": "string", - "description": "Unique 22-character alphanumeric string that identifies the private endpoint.Reg ex ^vpce-[0-9a-f]{17}$ . \n\nAtlas Data Lake supports Amazon Web Services private endpoints using the AWS PrivateLink feature." + "description": "Unique 22-character alphanumeric string that identifies the private endpoint.Reg ex ^vpce-[0-9a-f]{17}$ . \n\nAtlas Data Federation supports Amazon Web Services private endpoints using the AWS PrivateLink feature." }, "Type": { "type": "string", diff --git a/examples/activate-mongodb-atlas-resources.template.yaml b/examples/activate-mongodb-atlas-resources.template.yaml index e38074133..563fbeb5f 100644 --- a/examples/activate-mongodb-atlas-resources.template.yaml +++ b/examples/activate-mongodb-atlas-resources.template.yaml @@ -92,14 +92,6 @@ Resources: TypeName: MongoDB::Atlas::CustomDnsConfigurationClusterAws ExecutionRoleArn: !GetAtt MongoDBCustomResourceExecutionRole.Arn DependsOn: "ActivateCustomDBRoleType" - ActivateDataLakesType: - Type: AWS::CloudFormation::TypeActivation - Properties: - PublicTypeArn: !Join [ "", [ 'arn:aws:cloudformation:',!Ref "Region",'::type/resource/bb989456c78c398a858fef18f2ca1bfc1fbba082/MongoDB-Atlas-DataLakes' ] ] - Type: RESOURCE - TypeName: MongoDB::Atlas::DataLakes - ExecutionRoleArn: !GetAtt MongoDBCustomResourceExecutionRole.Arn - DependsOn: "ActivateCustomDnsConfigurationClusterAwsType" ActivateEncryptionAtRestType: Type: AWS::CloudFormation::TypeActivation Properties: @@ -107,7 +99,7 @@ Resources: Type: RESOURCE TypeName: MongoDB::Atlas::EncryptionAtRest ExecutionRoleArn: !GetAtt MongoDBCustomResourceExecutionRole.Arn - DependsOn: "ActivateDataLakesType" + DependsOn: "ActivateCustomDnsConfigurationClusterAwsType" ActivateFederatedSettingsOrgRoleMappingType: Type: AWS::CloudFormation::TypeActivation Properties: 
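Review bot: The `EndpointId` property states its format only in the description text (`^vpce-[0-9a-f]{17}$`); the property object visible in this hunk has `"type"` and `"description"` but no `"pattern"`, so the schema itself does not reject a malformed endpoint id before the handler runs. Since this line is being edited anyway, I would add `"pattern": "^vpce-[0-9a-f]{17}$"` next to `"type": "string"` and tidy the wording to `...identifies the private endpoint. Regex: ^vpce-[0-9a-f]{17}$.` Check first whether any existing stack passes a value outside that pattern, since the constraint would then fail validation for it. The same description text appears in the docs/README.md hunk of this commit.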
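Review bot: Nothing in the template tells operators what an in-place update does once `ActivateDataLakesType` is dropped here, and `ActivatePrivateEndpointADLType` and `ActivateDataLakePipeline` in the later hunks. Removing an `AWS::CloudFormation::TypeActivation` resource from a deployed stack normally deactivates that type in the account and region, so stacks that still hold resources of these three types may become unmanageable afterwards; this is inferred from how type activations behave, not from anything visible in the patch. The `DependsOn` rewiring itself looks consistent: each successor now points at what the removed activation depended on. I would add a comment above the activation chain such as `# Removed types: MongoDB::Atlas::DataLakes, MongoDB::Atlas::PrivateEndpointADL, MongoDB::Atlas::DataLakePipeline - delete stacks that still use them before updating this stack.` The `Resources` block starts and ends outside these hunks.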
@@ -172,14 +164,6 @@ Resources: TypeName: MongoDB::Atlas::PrivateEndPointRegionalMode ExecutionRoleArn: !GetAtt MongoDBCustomResourceExecutionRole.Arn DependsOn: "ActivateOrgInvitationType" - ActivatePrivateEndpointADLType: - Type: AWS::CloudFormation::TypeActivation - Properties: - PublicTypeArn: !Join [ "", [ 'arn:aws:cloudformation:',!Ref "Region",'::type/resource/bb989456c78c398a858fef18f2ca1bfc1fbba082/MongoDB-Atlas-PrivateEndpointADL' ] ] - Type: RESOURCE - TypeName: MongoDB::Atlas::PrivateEndpointADL - ExecutionRoleArn: !GetAtt MongoDBCustomResourceExecutionRole.Arn - DependsOn: "ActivatePrivateEndPointRegionalModeType" ActivateProjectInvitationType: Type: AWS::CloudFormation::TypeActivation Properties: @@ -187,7 +171,7 @@ Resources: Type: RESOURCE TypeName: MongoDB::Atlas::ProjectInvitation ExecutionRoleArn: !GetAtt MongoDBCustomResourceExecutionRole.Arn - DependsOn: "ActivatePrivateEndpointADLType" + DependsOn: "ActivatePrivateEndPointRegionalModeType" ActivateSearchIndexType: Type: AWS::CloudFormation::TypeActivation Properties: @@ -324,14 +308,6 @@ Resources: TypeName: MongoDB::Atlas::ClusterOutageSimulation ExecutionRoleArn: !GetAtt MongoDBCustomResourceExecutionRole.Arn DependsOn: "ActivateCloudBackupSchedule" - ActivateDataLakePipeline: - Type: AWS::CloudFormation::TypeActivation - Properties: - PublicTypeArn: !Join [ "", [ 'arn:aws:cloudformation:',!Ref "Region",'::type/resource/bb989456c78c398a858fef18f2ca1bfc1fbba082/MongoDB-Atlas-DataLakePipeline' ] ] - Type: RESOURCE - TypeName: MongoDB::Atlas::DataLakePipeline - ExecutionRoleArn: !GetAtt MongoDBCustomResourceExecutionRole.Arn - DependsOn: "ActivateClusterOutageSimulation" ActivateFederatedDatabaseInstance: Type: AWS::CloudFormation::TypeActivation Properties: 
@@ -339,7 +315,7 @@ Resources: Type: RESOURCE TypeName: MongoDB::Atlas::FederatedDatabaseInstance ExecutionRoleArn: !GetAtt MongoDBCustomResourceExecutionRole.Arn - DependsOn: "ActivateDataLakePipeline" + DependsOn: "ActivateClusterOutageSimulation" ActivateFederatedQueryLimit: Type: AWS::CloudFormation::TypeActivation Properties: diff --git a/examples/private-endpoint-adl/endpoint-adl.json b/examples/private-endpoint-adl/endpoint-adl.json deleted file mode 100644 index 71cf34139..000000000 --- a/examples/private-endpoint-adl/endpoint-adl.json +++ /dev/null @@ -1,37 +0,0 @@ -{ - "AWSTemplateFormatVersion": "2010-09-09", - "Description": "This template creates Private Endpoint ADL on the MongoDB Cluster, this will be billed to your Atlas account.", - "Mappings": {}, - "Parameters" : { - "Profile": { - "Type": "String", - "Description" : "Atlas Profile name", - "Default" : "default" - }, - "MongoDBAtlasProjectId": { - "Type": "String", - "Description" : "MongoDB project Key" - }, - "EndpointId": { - "Type": "String", - "Description" : "Aws endpoint Id" - }, - "Comment": { - "Type": "String" - } - }, - "Resources": { - "OnlineArchive": { - "Type": "MongoDB::Atlas::PrivateEndpointADL", - "DeletionPolicy" : "Retain", - "Properties": { - "Comment": { "Ref" : "Comment" }, - "Provider": "AWS", - "Type": "DATA_LAKE", - "ProjectId": { "Ref" : "MongoDBAtlasProjectId" }, - "EndpointId": { "Ref" : "EndpointId" }, - "Profile": { "Ref" : "Profile" } - } - } - } -} \ No newline at end of file