Yandex Cloud Managed MongoDB Cluster

Features

• Create a Managed MongoDB cluster with predefined number of DB hosts
• Create a list of users and databases with permissions
• Easy to use in other resources via outputs

MongoDB cluster definition

At first you need to create VPC network with three subnets!

MongoDB module requires a following input variables:

• VPC network id
• VPC network subnets ids
• MongoDB hosts definitions - a list of maps with DB host name, zone name and subnet id.
• Databases - a list of databases with database name
• Users - a list users with a list of grants to databases.

Notes:

1. users variable defines a list of separate db users with a permissions list, which indicates to a list of databases and grants for each of them. Default grant is the "read".

Example

See examples section

Configure Terraform for Yandex Cloud

• Install YC CLI
• Add environment variables for terraform auth in Yandex.Cloud

export YC_TOKEN=$(yc iam create-token)
export YC_CLOUD_ID=$(yc config get cloud-id)
export YC_FOLDER_ID=$(yc config get folder-id)

Requirements

Name	Version
terraform	>= 1.0.0
yandex	>= 0.134.0

Providers

Name	Version
random	3.6.3
yandex	0.134.0

Modules

No modules.

Resources

Name	Type
random_password.password	resource
yandex_mdb_mongodb_cluster.this	resource
yandex_mdb_mongodb_database.this	resource
yandex_mdb_mongodb_user.user	resource
yandex_client_config.client	data source

Inputs

Name	Description	Type	Default	Required
access_policy	Access policy from other services to the MongoDB cluster.	object({ data_lens = optional(bool, null) data_transfer = optional(bool, null) })	{}	no
backup_retain_period_days	(Optional) The period in days during which backups are stored.	number	7	no
backup_window_start	(Optional) Time to start the daily backup, in the UTC timezone.	object({ hours = string minutes = optional(string, "00") })	null	no
databases	A list of MongoDB databases. Required values: - name - The name of the database.	list(object({ name = string }))	[]	no
deletion_protection	Inhibits deletion of the cluster.	bool	false	no
description	MongoDB cluster description	string	"Managed MongoDB cluster created by terraform module"	no
environment	Environment type: PRODUCTION or PRESTABLE	string	"PRODUCTION"	no
feature_compatibility_version	MongoDB feature compatibility version	string	""	no
folder_id	Folder id that contains the MongoDB cluster	string	null	no
hosts_definition	A list of MongoDB hosts.	list(object({ zone_id = string role = optional(string, null) subnet_id = optional(string, null) assign_public_ip = optional(bool, false) shard_name = optional(string, null) type = optional(string, "mongod") host_parameters = optional(list(object({ hidden = optional(bool, null) priority = optional(string, null) secondary_delay_secs = optional(number, null) tags = optional(any, null) })), []) }))	n/a	yes
labels	A set of label pairs to assing to the MongoDB cluster.	map(any)	{}	no
maintenance_window	(Optional) Maintenance policy of the MongoDB cluster. - type - (Required) Type of maintenance window. Can be either ANYTIME or WEEKLY. A day and hour of window need to be specified with weekly window. - day - (Optional) Day of the week (in DDD format). Allowed values: "MON", "TUE", "WED", "THU", "FRI", "SAT", "SUN" - hour - (Optional) Hour of the day in UTC (in HH format). Allowed value is between 0 and 23.	object({ type = string day = optional(string, null) hour = optional(string, null) })	{ "type": "ANYTIME" }	no
mongocfg	Configuration for mongocfg instances	list(object({ operation_profiling = optional(list(object({ mode = optional(string, null) slow_op_threshold = optional(number, null) # slow_op_sample_rate = optional(number,null) })), []) net = optional(list(object({ max_incoming_connections = optional(number, null) })), []) storage = list(object({ wired_tiger = optional(map(any), null) })) }))	[]	no
mongod	Configuration for mongod instances	list(object({ security = optional(list(object({ enable_encryption = optional(bool, null) kmip = optional(map(any), {}) })), []) audit_log = optional(list(object({ filter = optional(string, null) runtime_configuration = optional(bool, null) })), []) set_parameter = optional(list(object({ audit_authorization_success = optional(bool, null) enable_flow_control = optional(bool, null) min_snapshot_history_window_in_seconds = optional(number, null) })), []) operation_profiling = optional(list(object({ mode = optional(string, null) slow_op_threshold = optional(number, null) })), []) net = optional(list(object({ max_incoming_connections = optional(number, null) compressors = optional(list(string), []) })), []) storage = optional(list(object({ wired_tiger = optional(map(any), {}) journal = optional(map(any), {}) })), []) }))	[]	no
mongodb_version	MongoDB version	string	"6.0"	no
mongos	Configuration for mongos instances	list(object({ net = list(object({ max_incoming_connections = optional(number, null) compressors = optional(list(string), []) })) }))	[]	no
name	Name of MongoDB cluster	string	"mongodb-cluster"	no
network_id	MongoDB cluster network id	string	n/a	yes
performance_diagnostics	(Optional) MongoDB cluster performance diagnostics settings.	object({ enabled = optional(bool, true) })	{}	no
resources_mongocfg	Resources allocated to mongocfg hosts of the MongoDB cluster	object({ resource_preset_id = optional(string, "s2.micro") disk_size = optional(number, 40) disk_type_id = optional(string, "network-ssd") })	{}	no
resources_mongod	Resources allocated to mongod hosts of the MongoDB cluster	object({ resource_preset_id = optional(string, "s2.micro") disk_size = optional(number, 40) disk_type_id = optional(string, "network-ssd") })	{}	no
resources_mongoinfra	Resources allocated to mongoinfra hosts of the MongoDB cluster	object({ resource_preset_id = optional(string, "s2.micro") disk_size = optional(number, 40) disk_type_id = optional(string, "network-ssd") })	{}	no
resources_mongos	Resources allocated to mongos hosts of the MongoDB cluster	object({ resource_preset_id = optional(string, "s2.micro") disk_size = optional(number, 40) disk_type_id = optional(string, "network-ssd") })	{}	no
restore_parameters	The cluster will be created from the specified backup. NOTES: - backup_id must be specified to create a new MongoDB cluster from a backup. - Time format is 'yyyy-mm-ddThh:mi:ss', where T is a delimeter, e.g. "2022-02-22T11:33:44".	object({ backup_id = string time = optional(string, null) })	null	no
security_groups_ids_list	A list of security group IDs to which the MongoDB cluster belongs	list(string)	[]	no
users	This is a list for additional MongoDB users with own permissions. Required values: - name - The name of the user. - password - (Optional) The user's password. If it's omitted a random password will be generated - permissions - (Optional) A list of objects { databases_name, grants[] } for an access. 'roles' is a optional list of permissions, the default values is ["read"]	list(object({ name = string password = optional(string, null) permissions = optional(list(object({ database_name = string roles = optional(list(string), ["read"]) })), []) }))	[]	no

Outputs

Name	Description
cluster_host_names_list	MongoDB cluster host name
cluster_id	MongoDB cluster ID
cluster_name	MongoDB cluster name
connection_step_1	1 step - Install certificate
connection_step_2	How connect to MongoDB cluster? 1. Run connection string from the output value, for example mongosh --norc <br> --tls <br> --tlsCAFile /home/<домашняя_директория>/.mongodb/root.crt <br> --host '<FQDN_хоста_1_MongoDB>:27018,...,<FQDN_хоста_N_MongoDB>:27018' <br> --username <имя_пользователя_БД> <br> --password <пароль_пользователя_БД> <br> <имя_БД>
databases	A list of databases names.
users_data	A list of users with passwords.