feat: Search Deployment CloudFormation Resource

[sivaram-mongodb]

Proposed changes

Added new resource Search Deployment:

• Manages dedicated search nodes for workload isolation in MongoDB Atlas clusters
• Supports configurable instance sizes and node counts for search workloads
• Provides isolated search tier for better performance and resource management
• Implements callback-based asynchronous operations for state management
• Single deployment per cluster (limited to one spec configuration)

Resource Configuration:

The Search Deployment resource enables you to create and manage dedicated search nodes that provide workload isolation for Atlas Search queries. By deploying search nodes, you can separate search workloads from your database workloads, improving overall cluster performance.

Required Properties:

• ProjectId: Atlas project identifier (24-hexadecimal characters)
• ClusterName: Name of the cluster to attach search nodes
• Specs: Array of search node specifications (currently limited to 1 element)
  • InstanceSize: Hardware specification for search nodes (e.g., S20_HIGHCPU_NVME, S30_HIGHCPU_NVME)
  • NodeCount: Number of search nodes in the deployment

Optional Properties:

• Profile: AWS Secrets Manager profile for Atlas credentials (default: "default")

Read-Only Properties:

• Id: Unique 24-hexadecimal identifier for the search deployment
• StateName: Current operating state (IDLE when ready, DELETED when removed)
• EncryptionAtRestProvider: Encryption provider for the deployment (AWS, GCP, AZURE, or NONE)

Create-Only Properties:

• ProjectId, ClusterName, Profile: These cannot be changed after creation

Configuration Examples:

Basic Search Deployment:

{
  "ProjectId": "64d2a9b8f1a2c3e4d5e6f7a8",
  "ClusterName": "my-cluster",
  "Specs": [
    {
      "InstanceSize": "S30_HIGHCPU_NVME",
      "NodeCount": 2
    }
  ]
}

cfn testing:

stack testing:

Atlas UI - Before Creation

Atlas UI - After Creation

Jira ticket: CLOUDP-369807

Please include a summary of the fix/feature/change, including any relevant motivation and context.

Link to any related issue(s):

Type of change:

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as
  expected)
• This change requires a documentation update
• If changes include removal or addition of 3rd party GitHub actions, I updated our internal document. Reach out to the APIx Integration slack channel to get access to the internal document.

Manual QA performed:

• cfn invoke for each of CRUDL/cfn test
• Updated resource in example
• Published to AWS private registry
• Used the template in example to create and update a stack in AWS
• Deleted stack to ensure resources are deleted
• Created multiple resources in same stack
• Validated in Atlas UI
• Included screenshots

Required Checklist:

• I have signed the MongoDB CLA
• I have added tests that prove my fix is effective or that my feature works
• I have checked that this change does not generate any credentials and that they are NOT accidentally logged anywhere.
• I have added any necessary documentation (if appropriate)
• I have run make fmt and formatted my code
• For CFN Resources: I have released by changes in the private registry and proved by change
  works in Atlas

Further comments

[maastha]

[q] why the enforce-timeout?

[maastha]

not sure, I understand how this is different than the previous implementation as that is using respSpecs as well?

also, I think you can remove this comment as the code is quite self-explanatory

[maastha]

i think we can rename this to InitEnv as this is doing a few things other than initializing the client as well.

[maastha]

is StatusNotFound a valid case for the create API?

[maastha]

If the intention here is to handle the transition where creation can take some time, can you extract the logic to a callback function similar to cluster here - https://github.com/mongodb/mongodbatlas-cloudformation-resources/blob/master/cfn-resources/cluster/cmd/resource/resource.go#L255

Otherwise it's not very clear what the logic is trying to accomplish

[maastha]

[q] why is this needed now? How do the existing contract tests running today?

[maastha]

can you please explain the changes in this method?

[ParthasarathyV]

The ValidateProgress function follows the flex-cluster pattern :
Uses isDelete bool instead of targetState string — determines target state internally (IdleState for create/update, DeletedState for delete)
Returns handler.ProgressEvent directly (no error return)
Handles nil states safely with a default of DeletedState
For delete operations, returns success without ResourceModel
This aligns with the flex-cluster implementation and is the current pattern for state validation in callback functions.

[maastha]

can you please update the PR description to include only what has been updated? This is an existing resource & I believe only new attributes have been added. The PR description, however, implies that a new resource is being added.

[maastha]

can you also update the example for this resource (under /examples/search-deployment) & ensure that works for the testing screenshots in the PR description?

[maastha]

can you also please update the test input files to use the new attribute?

[maastha]

nit: would revert this & keep only required changes in the PR to merge