diff --git a/docs/data-sources/stream_privatelink_endpoint.md b/docs/data-sources/stream_privatelink_endpoint.md new file mode 100644 index 0000000000..2eccf037cb --- /dev/null +++ b/docs/data-sources/stream_privatelink_endpoint.md 
@@ -0,0 +1,103 @@ +# Data Source: mongodbatlas_stream_privatelink_endpoint + +`mongodbatlas_stream_privatelink_endpoint` describes a Privatelink Endpoint for Streams. + +## Example Usages +```terraform +resource "confluent_environment" "staging" { + display_name = "Staging" +} + +resource "confluent_network" "private_link" { + display_name = "terraform-test-private-link-network-manual" + cloud = "AWS" + region = var.aws_region + connection_types = ["PRIVATELINK"] + zones = keys(var.subnets_to_privatelink) + environment { + id = confluent_environment.staging.id + } + dns_config { + resolution = "PRIVATE" + } +} + +resource "confluent_private_link_access" "aws" { + display_name = "example-private-link-access" + aws { + account = var.aws_account_id + } + environment { + id = confluent_environment.staging.id + } + network { + id = confluent_network.private_link.id + } +} + +resource "confluent_kafka_cluster" "dedicated" { + display_name = "example-dedicated-cluster" + availability = "MULTI_ZONE" + cloud = confluent_network.private_link.cloud + region = confluent_network.private_link.region + dedicated { + cku = 2 + } + environment { + id = confluent_environment.staging.id + } + network { + id = confluent_network.private_link.id + } +} + +resource "mongodbatlas_stream_privatelink_endpoint" "test" { + project_id = var.project_id + dns_domain = confluent_network.private_link.dns_domain + provider_name = "AWS" + region = var.aws_region + vendor = "CONFLUENT" + service_endpoint_id = confluent_network.private_link.aws[0].private_link_endpoint_service + dns_sub_domain = confluent_network.private_link.zonal_subdomains +} + +data "mongodbatlas_stream_privatelink_endpoint" "singular_datasource" { + project_id = var.project_id + id = mongodbatlas_stream_privatelink_endpoint.test.id +} + +data "mongodbatlas_stream_privatelink_endpoints" "plural_datasource" { + project_id = var.project_id +} + +output "interface_endpoint_id" { + value = 
data.mongodbatlas_stream_privatelink_endpoint.singular_datasource.interface_endpoint_id +} + +output "interface_endpoint_ids" { + value = data.mongodbatlas_stream_privatelink_endpoints.plural_datasource.results[*].interface_endpoint_id +} +``` + + +## Schema + +### Required + +- `id` (String) The ID of the Private Link connection. +- `project_id` (String) Unique 24-hexadecimal digit string that identifies your project. Use the [/groups](#tag/Projects/operation/listProjects) endpoint to retrieve all projects to which the authenticated user has access. + +**NOTE**: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group or project id remains the same. The resource and corresponding endpoints use the term groups. + +### Read-Only + +- `dns_domain` (String) Domain name of Privatelink connected cluster. +- `dns_sub_domain` (List of String) Sub-Domain name of Confluent cluster. These are typically your availability zones. +- `interface_endpoint_id` (String) Interface endpoint ID that is created from the specified service endpoint ID. +- `provider_name` (String) Provider where the Kafka cluster is deployed. +- `region` (String) Domain name of Confluent cluster. +- `service_endpoint_id` (String) Service Endpoint ID. +- `state` (String) Status of the connection. +- `vendor` (String) Vendor who manages the Kafka cluster. + +For more information see: [MongoDB Atlas API - Streams Privatelink](https://www.mongodb.com/docs/atlas/reference/api-resources-spec/v2/#tag/Streams/operation/createPrivateLinkConnection) Documentation. diff --git a/docs/data-sources/stream_privatelink_endpoints.md b/docs/data-sources/stream_privatelink_endpoints.md new file mode 100644 index 0000000000..610d0369fd --- /dev/null +++ b/docs/data-sources/stream_privatelink_endpoints.md 
@@ -0,0 +1,113 @@ +# Data Source: mongodbatlas_stream_privatelink_endpoints + +`mongodbatlas_stream_privatelink_endpoints` describes a Privatelink Endpoint for Streams. + +## Example Usages +```terraform +resource "confluent_environment" "staging" { + display_name = "Staging" +} + +resource "confluent_network" "private_link" { + display_name = "terraform-test-private-link-network-manual" + cloud = "AWS" + region = var.aws_region + connection_types = ["PRIVATELINK"] + zones = keys(var.subnets_to_privatelink) + environment { + id = confluent_environment.staging.id + } + dns_config { + resolution = "PRIVATE" + } +} + +resource "confluent_private_link_access" "aws" { + display_name = "example-private-link-access" + aws { + account = var.aws_account_id + } + environment { + id = confluent_environment.staging.id + } + network { + id = confluent_network.private_link.id + } +} + +resource "confluent_kafka_cluster" "dedicated" { + display_name = "example-dedicated-cluster" + availability = "MULTI_ZONE" + cloud = confluent_network.private_link.cloud + region = confluent_network.private_link.region + dedicated { + cku = 2 + } + environment { + id = confluent_environment.staging.id + } + network { + id = confluent_network.private_link.id + } +} + +resource "mongodbatlas_stream_privatelink_endpoint" "test" { + project_id = var.project_id + dns_domain = confluent_network.private_link.dns_domain + provider_name = "AWS" + region = var.aws_region + vendor = "CONFLUENT" + service_endpoint_id = confluent_network.private_link.aws[0].private_link_endpoint_service + dns_sub_domain = confluent_network.private_link.zonal_subdomains +} + +data "mongodbatlas_stream_privatelink_endpoint" "singular_datasource" { + project_id = var.project_id + id = mongodbatlas_stream_privatelink_endpoint.test.id +} + +data "mongodbatlas_stream_privatelink_endpoints" "plural_datasource" { + project_id = var.project_id +} + +output "interface_endpoint_id" { + value = 
data.mongodbatlas_stream_privatelink_endpoint.singular_datasource.interface_endpoint_id +} + +output "interface_endpoint_ids" { + value = data.mongodbatlas_stream_privatelink_endpoints.plural_datasource.results[*].interface_endpoint_id +} +``` + + +## Schema + +### Required + +- `project_id` (String) Unique 24-hexadecimal digit string that identifies your project. Use the [/groups](#tag/Projects/operation/listProjects) endpoint to retrieve all projects to which the authenticated user has access. + +**NOTE**: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group or project id remains the same. The resource and corresponding endpoints use the term groups. + +### Read-Only + +- `results` (Attributes List) List of documents that MongoDB Cloud returns for this request. (see [below for nested schema](#nestedatt--results)) + + +### Nested Schema for `results` + +Read-Only: + +- `dns_domain` (String) Domain name of Privatelink connected cluster. +- `dns_sub_domain` (List of String) Sub-Domain name of Confluent cluster. These are typically your availability zones. +- `id` (String) The ID of the Private Link connection. +- `interface_endpoint_id` (String) Interface endpoint ID that is created from the specified service endpoint ID. +- `project_id` (String) Unique 24-hexadecimal digit string that identifies your project. Use the [/groups](#tag/Projects/operation/listProjects) endpoint to retrieve all projects to which the authenticated user has access. + +**NOTE**: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group or project id remains the same. The resource and corresponding endpoints use the term groups. +- `provider_name` (String) Provider where the Kafka cluster is deployed. +- `region` (String) Domain name of Confluent cluster. +- `service_endpoint_id` (String) Service Endpoint ID. +- `state` (String) Status of the connection. 
+- `vendor` (String) Vendor who manages the Kafka cluster. + +For more information see: [MongoDB Atlas API - Streams Privatelink](https://www.mongodb.com/docs/atlas/reference/api-resources-spec/v2/#tag/Streams/operation/createPrivateLinkConnection) Documentation. diff --git a/docs/resources/stream_privatelink_endpoint.md b/docs/resources/stream_privatelink_endpoint.md new file mode 100644 index 0000000000..e449ef3662 --- /dev/null +++ b/docs/resources/stream_privatelink_endpoint.md 
@@ -0,0 +1,106 @@ +# Resource: mongodbatlas_stream_privatelink_endpoint + +`mongodbatlas_stream_privatelink_endpoint` describes a Privatelink Endpoint for Streams. + +## Example Usages +```terraform +resource "confluent_environment" "staging" { + display_name = "Staging" +} + +resource "confluent_network" "private_link" { + display_name = "terraform-test-private-link-network-manual" + cloud = "AWS" + region = var.aws_region + connection_types = ["PRIVATELINK"] + zones = keys(var.subnets_to_privatelink) + environment { + id = confluent_environment.staging.id + } + dns_config { + resolution = "PRIVATE" + } +} + +resource "confluent_private_link_access" "aws" { + display_name = "example-private-link-access" + aws { + account = var.aws_account_id + } + environment { + id = confluent_environment.staging.id + } + network { + id = confluent_network.private_link.id + } +} + +resource "confluent_kafka_cluster" "dedicated" { + display_name = "example-dedicated-cluster" + availability = "MULTI_ZONE" + cloud = confluent_network.private_link.cloud + region = confluent_network.private_link.region + dedicated { + cku = 2 + } + environment { + id = confluent_environment.staging.id + } + network { + id = confluent_network.private_link.id + } +} + +resource "mongodbatlas_stream_privatelink_endpoint" "test" { + project_id = var.project_id + dns_domain = confluent_network.private_link.dns_domain + provider_name = "AWS" + region = var.aws_region + vendor = "CONFLUENT" + service_endpoint_id = confluent_network.private_link.aws[0].private_link_endpoint_service + dns_sub_domain = confluent_network.private_link.zonal_subdomains +} + +data "mongodbatlas_stream_privatelink_endpoint" "singular_datasource" { + project_id = var.project_id + id = mongodbatlas_stream_privatelink_endpoint.test.id +} + +data "mongodbatlas_stream_privatelink_endpoints" "plural_datasource" { + project_id = var.project_id +} + +output "interface_endpoint_id" { + value = 
data.mongodbatlas_stream_privatelink_endpoint.singular_datasource.interface_endpoint_id +} + +output "interface_endpoint_ids" { + value = data.mongodbatlas_stream_privatelink_endpoints.plural_datasource.results[*].interface_endpoint_id +} +``` + + +## Schema + +### Required + +- `project_id` (String) Unique 24-hexadecimal digit string that identifies your project. Use the [/groups](#tag/Projects/operation/listProjects) endpoint to retrieve all projects to which the authenticated user has access. + +**NOTE**: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group or project id remains the same. The resource and corresponding endpoints use the term groups. +- `provider_name` (String) Provider where the Kafka cluster is deployed. +- `vendor` (String) Vendor who manages the Kafka cluster. + +### Optional + +- `dns_domain` (String) Domain name of Privatelink connected cluster. +- `dns_sub_domain` (List of String) Sub-Domain name of Confluent cluster. These are typically your availability zones. +- `region` (String) Domain name of Confluent cluster. +- `service_endpoint_id` (String) Service Endpoint ID. + +### Read-Only + +- `id` (String) The ID of the Private Link connection. +- `interface_endpoint_id` (String) Interface endpoint ID that is created from the specified service endpoint ID. +- `state` (String) Status of the connection. + +For more information see: [MongoDB Atlas API - Streams Privatelink](https://www.mongodb.com/docs/atlas/reference/api-resources-spec/v2/#tag/Streams/operation/createPrivateLinkConnection) Documentation. diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/README.md b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/README.md new file mode 100644 index 0000000000..686f8eb6b2 --- /dev/null +++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/README.md 
@@ -0,0 +1,14 @@
+# MongoDB Atlas Provider - AWS Confluent Privatelink for Atlas Streams
+
+This example shows how to use AWS Confluent Privatelink for Atlas Streams with a dedicated Confluent Cluster.
+
+You must set the following variables:
+
+- `public_key`: Public API key to authenticate to Atlas
+- `private_key`: Private API key to authenticate to Atlas
+- `project_id`: Unique 24-hexadecimal digit string that identifies your project
+- `confluent_cloud_api_key`: Public API key to authenticate to Confluent Cloud
+- `confluent_cloud_api_secret`: Private API key to authenticate to Confleunt Cloud
+- `subnets_to_privatelink`: A map of Zone ID to Subnet ID (i.e.: {\"use1-az1\" = \"subnet-abcdef0123456789a\", ...})
+- `aws_account_id`: The AWS Account ID (12 digits)
+- `aws_region`: The AWS Region
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/main.tf b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/main.tf
new file mode 100644
index 0000000000..d649bf9441
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/main.tf
@@ -0,0 +1,73 @@
+resource "confluent_environment" "staging" {
+ display_name = "Staging"
+}
+
+resource "confluent_network" "private_link" {
+ display_name = "terraform-test-private-link-network-manual"
+ cloud = "AWS"
+ region = var.aws_region
+ connection_types = ["PRIVATELINK"]
+ zones = keys(var.subnets_to_privatelink)
+ environment {
+ id = confluent_environment.staging.id
+ }
+ dns_config {
+ resolution = "PRIVATE"
+ }
+}
+
+resource "confluent_private_link_access" "aws" {
+ display_name = "example-private-link-access"
+ aws {
+ account = var.aws_account_id
+ }
+ environment {
+ id = confluent_environment.staging.id
+ }
+ network {
+ id = confluent_network.private_link.id
+ }
+}
+
+resource "confluent_kafka_cluster" "dedicated" {
+ display_name = "example-dedicated-cluster"
+ availability = "MULTI_ZONE"
+ cloud = confluent_network.private_link.cloud
+ region = confluent_network.private_link.region
+ dedicated {
+ cku = 2
+ }
+ environment {
+ id = confluent_environment.staging.id
+ }
+ network {
+ id = confluent_network.private_link.id
+ }
+}
+
+resource "mongodbatlas_stream_privatelink_endpoint" "test" {
+ project_id = var.project_id
+ dns_domain = confluent_network.private_link.dns_domain
+ provider_name = "AWS"
+ region = var.aws_region
+ vendor = "CONFLUENT"
+ service_endpoint_id = confluent_network.private_link.aws[0].private_link_endpoint_service
+ dns_sub_domain = confluent_network.private_link.zonal_subdomains
+}
+
+data "mongodbatlas_stream_privatelink_endpoint" "singular_datasource" {
+ project_id = var.project_id
+ id = mongodbatlas_stream_privatelink_endpoint.test.id
+}
+
+data "mongodbatlas_stream_privatelink_endpoints" "plural_datasource" {
+ project_id = var.project_id
+}
+
+output "interface_endpoint_id" {
+ value = data.mongodbatlas_stream_privatelink_endpoint.singular_datasource.interface_endpoint_id
+}
+
+output "interface_endpoint_ids" {
+ value = data.mongodbatlas_stream_privatelink_endpoints.plural_datasource.results[*].interface_endpoint_id
+}
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/provider.tf b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/provider.tf
new file mode 100644
index 0000000000..eb5d733e0b
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/provider.tf
@@ -0,0 +1,9 @@
+provider "mongodbatlas" {
+ public_key = var.public_key
+ private_key = var.private_key
+}
+
+provider "confluent" {
+ cloud_api_key = var.confluent_cloud_api_key # optionally use CONFLUENT_CLOUD_API_KEY env var
+ cloud_api_secret = var.confluent_cloud_api_secret # optionally use CONFLUENT_CLOUD_API_SECRET env var
+}
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/variables.tf b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/variables.tf
new file mode 100644
index 0000000000..00314e91ad
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/variables.tf
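Review bot: In main.tf, `confluent_private_link_access.aws` grants `var.aws_account_id` access to the Confluent network, but neither this block nor the variable's description ("The AWS Account ID (12 digits)") says whose account that must be. Because this is an authorization grant, anyone copying the example should not have to guess; a wrong value either breaks the connection or allows an account that was never intended. A comment above the `aws` block would settle it, for example `# Account allowed to create PrivateLink endpoints to this network; state here whether this is your own AWS account or the Atlas-side account`, with the same wording carried into the variable description and README once the correct account is confirmed.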
@@ -0,0 +1,37 @@
+variable "project_id" {
+ description = "Unique 24-hexadecimal digit string that identifies your project"
+ type = string
+}
+
+variable "public_key" {
+ description = "Public API key to authenticate to Atlas"
+ type = string
+}
+variable "private_key" {
+ description = "Private API key to authenticate to Atlas"
+ type = string
+}
+
+variable "confluent_cloud_api_key" {
+ description = "Public API key to authenticate to Confluent Cloud"
+ type = string
+}
+variable "confluent_cloud_api_secret" {
+ description = "Private API key to authenticate to Confleunt Cloud"
+ type = string
+}
+
+variable "subnets_to_privatelink" {
+ description = "A map of Zone ID to Subnet ID (i.e.: {\"use1-az1\" = \"subnet-abcdef0123456789a\", ...})"
+ type = map(string)
+}
+
+variable "aws_account_id" {
+ description = "The AWS Account ID (12 digits)"
+ type = string
+}
+
+variable "aws_region" {
+ description = "The AWS Region"
+ type = string
+}
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/versions.tf b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/versions.tf
new file mode 100644
index 0000000000..7b12cec52f
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/versions.tf
@@ -0,0 +1,13 @@
+terraform {
+ required_providers {
+ mongodbatlas = {
+ source = "mongodb/mongodbatlas"
+ version = "1.24.0"
+ }
+ confluent = {
+ source = "confluentinc/confluent"
+ version = "2.12.0"
+ }
+ }
+ required_version = ">= 1.0"
+}
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/README.md b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/README.md
new file mode 100644
index 0000000000..0f0a43b6f4
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/README.md
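Review bot: `private_key` and `confluent_cloud_api_secret` in variables.tf are declared as plain `string` variables, so Terraform does not redact their values in plan/apply output or CI logs. Add `sensitive = true` to both blocks, and to the same two variables in confluent_serverless/variables.tf, which has the same gap. The description of `confluent_cloud_api_secret` also misspells the vendor as "Confleunt" in both files. provider.tf already points at the `CONFLUENT_CLOUD_API_KEY`/`CONFLUENT_CLOUD_API_SECRET` environment variables; a matching comment on the `mongodbatlas` provider block would steer readers away from committing keys in a tfvars file.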
@@ -0,0 +1,14 @@
+# MongoDB Atlas Provider - AWS Confluent Privatelink for Atlas Streams
+
+This example shows how to use AWS Confluent Privatelink for Atlas Streams for Serveless products
+
+You must set the following variables:
+
+- `public_key`: Public API key to authenticate to Atlas
+- `private_key`: Private API key to authenticate to Atlas
+- `project_id`: Unique 24-hexadecimal digit string that identifies your project
+- `confluent_cloud_api_key`: Public API key to authenticate to Confluent Cloud
+- `confluent_cloud_api_secret`: Private API key to authenticate to Confleunt Cloud
+- `subnets_to_privatelink`: A map of Zone ID to Subnet ID (i.e.: {\"use1-az1\" = \"subnet-abcdef0123456789a\", ...})
+- `vpc_id`: The ID of the VPC in which the endpoint will be used.
+- `aws_region`: The AWS Region
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/aws-privatelink-endpoint/privatelink.tf b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/aws-privatelink-endpoint/privatelink.tf
new file mode 100644
index 0000000000..e302731436
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/aws-privatelink-endpoint/privatelink.tf
@@ -0,0 +1,101 @@
+data "aws_vpc" "privatelink" {
+ id = var.vpc_id
+}
+
+data "aws_availability_zone" "privatelink" {
+ for_each = var.subnets_to_privatelink
+ zone_id = each.key
+}
+
+locals {
+ network_id = split(".", var.dns_domain)[0]
+}
+
+resource "aws_security_group" "privatelink" {
+ # Ensure that SG is unique, so that this module can be used multiple times within a single VPC
+ name = "ccloud-privatelink_${local.network_id}_${var.vpc_id}"
+ description = "Confluent Cloud Private Link minimal security group for ${var.dns_domain} in ${var.vpc_id}"
+ vpc_id = data.aws_vpc.privatelink.id
+
+ ingress {
+ # only necessary if redirect support from http/https is desired
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = [data.aws_vpc.privatelink.cidr_block]
+ }
+
+ ingress {
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = [data.aws_vpc.privatelink.cidr_block]
+ }
+
+ ingress {
+ from_port = 9092
+ to_port = 9092
+ protocol = "tcp"
+ cidr_blocks = [data.aws_vpc.privatelink.cidr_block]
+ }
+
+ lifecycle {
+ create_before_destroy = true
+ }
+}
+
+resource "aws_vpc_endpoint" "privatelink" {
+ vpc_id = data.aws_vpc.privatelink.id
+ service_name = var.privatelink_service_name
+ vpc_endpoint_type = "Interface"
+
+ security_group_ids = [
+ aws_security_group.privatelink.id,
+ ]
+
+ subnet_ids = [for zone, subnet_id in var.subnets_to_privatelink : subnet_id]
+ private_dns_enabled = false
+}
+
+resource "aws_route53_zone" "privatelink" {
+ name = var.dns_domain
+
+ vpc {
+ vpc_id = data.aws_vpc.privatelink.id
+ }
+}
+
+resource "aws_route53_record" "privatelink" {
+ count = length(var.subnets_to_privatelink) == 1 ? 0 : 1
+ zone_id = aws_route53_zone.privatelink.zone_id
+ name = "*.${aws_route53_zone.privatelink.name}"
+ type = "CNAME"
+ ttl = "60"
+ records = [
+ aws_vpc_endpoint.privatelink.dns_entry[0]["dns_name"]
+ ]
+}
+
+locals {
+ endpoint_prefix = split(".", aws_vpc_endpoint.privatelink.dns_entry[0]["dns_name"])[0]
+}
+
+resource "aws_route53_record" "privatelink-zonal" {
+ for_each = var.subnets_to_privatelink
+
+ zone_id = aws_route53_zone.privatelink.zone_id
+ name = length(var.subnets_to_privatelink) == 1 ? "*" : "*.${each.key}"
+ type = "CNAME"
+ ttl = "60"
+ records = [
+ format("%s-%s%s",
+ local.endpoint_prefix,
+ data.aws_availability_zone.privatelink[each.key].name,
+ replace(aws_vpc_endpoint.privatelink.dns_entry[0]["dns_name"], local.endpoint_prefix, "")
+ )
+ ]
+}
+
+output "vpc_endpoint_id" {
+ value = aws_vpc_endpoint.privatelink.id
+}
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/aws-privatelink-endpoint/variables.tf b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/aws-privatelink-endpoint/variables.tf
new file mode 100644
index 0000000000..9f647e1b1e
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/aws-privatelink-endpoint/variables.tf
@@ -0,0 +1,19 @@
+variable "vpc_id" {
+ description = "The VPC ID to private link to Confluent Cloud"
+ type = string
+}
+
+variable "privatelink_service_name" {
+ description = "The Service Name from Confluent Cloud to Private Link with (provided by Confluent)"
+ type = string
+}
+
+variable "dns_domain" {
+ description = "The root DNS domain for the Private Link Attachment, for example, `pr123a.us-east-2.aws.confluent.cloud`"
+ type = string
+}
+
+variable "subnets_to_privatelink" {
+ description = "A map of Zone ID to Subnet ID (ie: {\"use1-az1\" = \"subnet-abcdef0123456789a\", ...})"
+ type = map(string)
+}
\ No newline at end of file
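Review bot: In privatelink.tf, `aws_security_group.privatelink` opens port 80 to the VPC unconditionally, even though its own inline comment says the rule is only needed when http/https redirect support is desired. The description calls this a "minimal" group and people will copy it, so the default should be 443 and 9092 only: drop the first `ingress` block and leave a pointer such as `# HTTP (80) is intentionally not opened; add it only if http->https redirect is required`. All three rules also use `data.aws_vpc.privatelink.cidr_block`, which is the VPC's primary CIDR; clients in a secondary CIDR association would be blocked, while every subnet in the primary range is admitted rather than just those that need to reach Kafka. If the wide source range is deliberate for the example, a one-line comment saying so would stop it being carried into production unchanged.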
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/aws-privatelink-endpoint/versions.tf b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/aws-privatelink-endpoint/versions.tf
new file mode 100644
index 0000000000..076b361fcc
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/aws-privatelink-endpoint/versions.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "5.0.0"
+ }
+ }
+ required_version = ">= 1.0"
+}
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/main.tf b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/main.tf
new file mode 100644
index 0000000000..073e8abc98
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/main.tf
@@ -0,0 +1,59 @@
+resource "confluent_environment" "staging" {
+ display_name = "Staging"
+}
+
+resource "confluent_private_link_attachment" "this" {
+ cloud = "AWS"
+ region = var.aws_region
+ display_name = "private-link-attachment"
+ environment {
+ id = confluent_environment.staging.id
+ }
+}
+
+module "privatelink" {
+ source = "./aws-privatelink-endpoint"
+ vpc_id = var.vpc_id
+ privatelink_service_name = confluent_private_link_attachment.this.aws[0].vpc_endpoint_service_name
+ dns_domain = confluent_private_link_attachment.this.dns_domain
+ subnets_to_privatelink = var.subnets_to_privatelink
+}
+
+resource "confluent_private_link_attachment_connection" "this" {
+ display_name = "private-link-attachment-connection"
+ environment {
+ id = confluent_environment.staging.id
+ }
+ aws {
+ vpc_endpoint_id = module.privatelink.vpc_endpoint_id
+ }
+ private_link_attachment {
+ id = confluent_private_link_attachment.this.id
+ }
+}
+
+resource "mongodbatlas_stream_privatelink_endpoint" "test" {
+ project_id = var.project_id
+ dns_domain = confluent_private_link_attachment.this.dns_domain
+ provider_name = "AWS"
+ region = var.aws_region
+ vendor = "CONFLUENT"
+ service_endpoint_id = confluent_private_link_attachment.this.aws[0].vpc_endpoint_service_name
+}
+
+data "mongodbatlas_stream_privatelink_endpoint" "singular_datasource" {
+ project_id = var.project_id
+ id = mongodbatlas_stream_privatelink_endpoint.test.id
+}
+
+data "mongodbatlas_stream_privatelink_endpoints" "plural_datasource" {
+ project_id = var.project_id
+}
+
+output "interface_endpoint_id" {
+ value = data.mongodbatlas_stream_privatelink_endpoint.singular_datasource.interface_endpoint_id
+}
+
+output "interface_endpoint_ids" {
+ value = data.mongodbatlas_stream_privatelink_endpoints.plural_datasource.results[*].interface_endpoint_id
+}
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/provider.tf b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/provider.tf
new file mode 100644
index 0000000000..7afa58dc9c
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/provider.tf
@@ -0,0 +1,13 @@
+provider "mongodbatlas" {
+ public_key = var.public_key
+ private_key = var.private_key
+}
+
+provider "confluent" {
+ cloud_api_key = var.confluent_cloud_api_key # optionally use CONFLUENT_CLOUD_API_KEY env var
+ cloud_api_secret = var.confluent_cloud_api_secret # optionally use CONFLUENT_CLOUD_API_SECRET env var
+}
+
+provider "aws" {
+ region = var.aws_region
+}
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/variables.tf b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/variables.tf
new file mode 100644
index 0000000000..a7357e7507
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/variables.tf
@@ -0,0 +1,37 @@
+variable "project_id" {
+ description = "Unique 24-hexadecimal digit string that identifies your project"
+ type = string
+}
+
+variable "public_key" {
+ description = "Public API key to authenticate to Atlas"
+ type = string
+}
+variable "private_key" {
+ description = "Private API key to authenticate to Atlas"
+ type = string
+}
+
+variable "confluent_cloud_api_key" {
+ description = "Public API key to authenticate to Confluent Cloud"
+ type = string
+}
+variable "confluent_cloud_api_secret" {
+ description = "Private API key to authenticate to Confleunt Cloud"
+ type = string
+}
+
+variable "subnets_to_privatelink" {
+ description = "A map of Zone ID to Subnet ID (i.e.: {\"use1-az1\" = \"subnet-abcdef0123456789a\", ...})"
+ type = map(string)
+}
+
+variable "aws_region" {
+ description = "The AWS Region"
+ type = string
+}
+
+variable "vpc_id" {
+ description = "The ID of the VPC in which the endpoint will be used."
+ type = string
+}
diff --git a/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/versions.tf b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/versions.tf
new file mode 100644
index 0000000000..eb6c24978b
--- /dev/null
+++ b/examples/mongodbatlas_stream_privatelink_endpoint/confluent_serverless/versions.tf
@@ -0,0 +1,17 @@
+terraform {
+ required_providers {
+ mongodbatlas = {
+ source = "mongodb/mongodbatlas"
+ version = "~> 1.24"
+ }
+ confluent = {
+ source = "confluentinc/confluent"
+ version = "2.12.0"
+ }
+ aws = {
+ source = "hashicorp/aws"
+ version = "5.0.0"
+ }
+ }
+ required_version = ">= 1.0"
+}
diff --git a/internal/service/streamprivatelinkendpoint/resource_schema.go b/internal/service/streamprivatelinkendpoint/resource_schema.go
index c217a7e333..ee30002152 100644
--- a/internal/service/streamprivatelinkendpoint/resource_schema.go
+++ b/internal/service/streamprivatelinkendpoint/resource_schema.go
@@ -25,11 +25,11 @@ func ResourceSchema(ctx context.Context) schema.Schema { }, "project_id": schema.StringAttribute{ Required: true, - MarkdownDescription: "Unique 24-hexadecimal digit string that identifies your project. Use the [/groups](#tag/Projects/operation/listProjects) endpoint to retrieve all projects to which the authenticated user has access.\n\n**NOTE**: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.", + MarkdownDescription: "Unique 24-hexadecimal digit string that identifies your project. Use the [/groups](#tag/Projects/operation/listProjects) endpoint to retrieve all projects to which the authenticated user has access.\n\n**NOTE**: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group or project id remains the same. The resource and corresponding endpoints use the term groups.", }, "interface_endpoint_id": schema.StringAttribute{ Computed: true, - MarkdownDescription: "Interface endpoint ID that is created from the service endpoint ID provided.", + MarkdownDescription: "Interface endpoint ID that is created from the specified service endpoint ID.", }, "provider_name": schema.StringAttribute{ Required: true, @@ -45,7 +45,7 @@ func ResourceSchema(ctx context.Context) schema.Schema { }, "state": schema.StringAttribute{ Computed: true, - MarkdownDescription: "State the connection is in.", + MarkdownDescription: "Status of the connection.", }, "vendor": schema.StringAttribute{ Required: true, diff --git a/templates/data-source.md.tmpl b/templates/data-source.md.tmpl index 4b0faaf1d1..b649202982 100644 --- a/templates/data-source.md.tmpl +++ b/templates/data-source.md.tmpl 
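Review bot: The `region` description is left untouched by this wording pass, yet all three schema pages generated in this commit render it as "Domain name of Confluent cluster.", which describes a domain rather than a region. That text presumably comes from the `region` attribute in `ResourceSchema`, which sits outside the two hunks shown, so this is inferred from the generated docs rather than read from the Go source. Since the descriptions are already being reworded here, fix it in the same change, for example `MarkdownDescription: "Region where the Kafka cluster is deployed."` to parallel `provider_name`, if that matches the Atlas API spec.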
@@ -55,7 +55,6 @@ {{ else if eq .Name "mongodbatlas_third_party_integration" }} {{ else if eq .Name "mongodbatlas_x509_authentication_database_user" }} {{ else if eq .Name "mongodbatlas_privatelink_endpoint_service_data_federation_online_archive" }} - {{ else if eq .Name "mongodbatlas_stream_privatelink_endpoint" }} {{ else }} {{ tffile (printf "examples/%s/main.tf" .Name )}} {{ end }} diff --git a/templates/data-sources/stream_privatelink_endpoint.md.tmpl b/templates/data-sources/stream_privatelink_endpoint.md.tmpl new file mode 100644 index 0000000000..a9f528228d --- /dev/null +++ b/templates/data-sources/stream_privatelink_endpoint.md.tmpl @@ -0,0 +1,10 @@ +# {{.Type}}: {{.Name}} + +`{{.Name}}` describes a Privatelink Endpoint for Streams. + +## Example Usages +{{ tffile (printf "examples/%s/confluent_dedicated_cluster/main.tf" .Name )}} + +{{ .SchemaMarkdown | trimspace }} + +For more information see: [MongoDB Atlas API - Streams Privatelink](https://www.mongodb.com/docs/atlas/reference/api-resources-spec/v2/#tag/Streams/operation/createPrivateLinkConnection) Documentation. diff --git a/templates/data-sources/stream_privatelink_endpoints.md.tmpl b/templates/data-sources/stream_privatelink_endpoints.md.tmpl new file mode 100644 index 0000000000..c50f613030 --- /dev/null +++ b/templates/data-sources/stream_privatelink_endpoints.md.tmpl @@ -0,0 +1,10 @@ +# {{.Type}}: {{.Name}} + +`{{.Name}}` describes a Privatelink Endpoint for Streams. + +## Example Usages +{{ tffile (printf "examples/mongodbatlas_stream_privatelink_endpoint/confluent_dedicated_cluster/main.tf" )}} + +{{ .SchemaMarkdown | trimspace }} + +For more information see: [MongoDB Atlas API - Streams Privatelink](https://www.mongodb.com/docs/atlas/reference/api-resources-spec/v2/#tag/Streams/operation/createPrivateLinkConnection) Documentation. diff --git a/templates/resources.md.tmpl b/templates/resources.md.tmpl index 07bd9075d0..855f829e7a 100644 --- a/templates/resources.md.tmpl 
+++ b/templates/resources.md.tmpl @@ -55,7 +55,6 @@ {{ else if eq .Name "mongodbatlas_third_party_integration" }} {{ else if eq .Name "mongodbatlas_x509_authentication_database_user" }} {{ else if eq .Name "mongodbatlas_privatelink_endpoint_service_data_federation_online_archive" }} - {{ else if eq .Name "mongodbatlas_stream_privatelink_endpoint" }} {{ else }} {{ tffile (printf "examples/%s/main.tf" .Name )}} {{ end }} diff --git a/templates/resources/stream_privatelink_endpoint.md.tmpl b/templates/resources/stream_privatelink_endpoint.md.tmpl new file mode 100644 index 0000000000..a9f528228d --- /dev/null +++ b/templates/resources/stream_privatelink_endpoint.md.tmpl @@ -0,0 +1,10 @@ +# {{.Type}}: {{.Name}} + +`{{.Name}}` describes a Privatelink Endpoint for Streams. + +## Example Usages +{{ tffile (printf "examples/%s/confluent_dedicated_cluster/main.tf" .Name )}} + +{{ .SchemaMarkdown | trimspace }} + +For more information see: [MongoDB Atlas API - Streams Privatelink](https://www.mongodb.com/docs/atlas/reference/api-resources-spec/v2/#tag/Streams/operation/createPrivateLinkConnection) Documentation.