import { Construct } from "constructs";
import { App, TerraformStack, TerraformVariable } from "cdktf";
import { MongodbatlasProvider } from "@cdktf/provider-mongodbatlas/lib/provider";
import { Project } from "@cdktf/provider-mongodbatlas/lib/project";
import { Cluster } from "@cdktf/provider-mongodbatlas/lib/cluster";
import { DatabaseUser } from "@cdktf/provider-mongodbatlas/lib/database-user";
import { ProjectIpAccessList } from "@cdktf/provider-mongodbatlas/lib/project-ip-access-list";
/**
 * CDKTF stack for a MongoDB Atlas deployment: one project, one TENANT/M0
 * replica-set cluster backed by GCP, one database user scoped to that
 * cluster, and one project IP access-list entry.
 *
 * Credentials, the org ID and the allowed network are declared as Terraform
 * input variables without defaults, so no literal values are written in this
 * file; the inline notes name the TF_VAR_* environment variable each is read from.
 */
class MyStack extends TerraformStack {
  constructor(scope: Construct, id: string) {
    super(scope, id);

    // Every input is a string variable; only the name, description and
    // sensitive flag differ, so they are declared through one local factory.
    const stringInput = (
      name: string,
      description: string,
      sensitive: boolean,
    ): TerraformVariable =>
      new TerraformVariable(this, name, { type: "string", description, sensitive });

    // Atlas organisation credentials and ID, all flagged sensitive.
    // `sensitive` redacts a value in Terraform CLI output; it is not encryption.
    const orgPublicKey = stringInput("publicKey", "MongoDB Atlas Org Public Key", true);
    const orgPrivateKey = stringInput("privateKey", "MongoDB Atlas Org Private Key", true);
    const organisationId = stringInput("orgId", "MongoDB Atlas Org ID", true);

    // The provider and project must exist before the cluster can be created.
    new MongodbatlasProvider(this, 'Atlas', {
      publicKey: orgPublicKey.value, // from TF_VAR_publicKey
      privateKey: orgPrivateKey.value, // from TF_VAR_privateKey
    });

    const project = new Project(this, "newProject", {
      name: "CDKTFProject1",
      orgId: organisationId.value, // from TF_VAR_orgId
    });

    // Single-shard replica set: three electable nodes in CENTRAL_US, no
    // read-only nodes, cloud backup disabled.
    const regionConfig = {
      electableNodes: 3,
      priority: 7,
      readOnlyNodes: 0,
      regionName: "CENTRAL_US",
    };
    const cluster = new Cluster(this, "newCluster1", {
      projectId: project.id,
      name: "atlasClusterCDK",
      clusterType: "REPLICASET",
      cloudBackup: false,
      mongoDbMajorVersion: "5.0",
      providerName: "TENANT",
      backingProviderName: "GCP",
      providerInstanceSizeName: "M0",
      providerRegionName: "CENTRAL_US",
      replicationSpecs: [{ numShards: 1, regionsConfig: [regionConfig] }],
    });

    // Password for the database user below (from TF_VAR_adminPassword).
    // As a resource attribute it is still recorded in Terraform state even
    // though it is flagged sensitive, so the state backend needs its own
    // access control and encryption.
    const dbUserPassword = stringInput("adminPassword", "MongoDB Atlas Cluster DB Admin", true);

    // Database user authenticated against "admin". Despite the "admin" naming,
    // the only role granted is readAnyDatabase, and the user is scoped to the
    // cluster created above rather than to the whole project.
    new DatabaseUser(this, "adminUser", {
      username: "cdktf-adminuser",
      password: dbUserPassword.value,
      projectId: project.id,
      authDatabaseName: "admin",
      roles: [{ roleName: "readAnyDatabase", databaseName: "admin" }],
      scopes: [{ name: cluster.name, type: "CLUSTER" }],
    });

    // CIDR block allowed to reach the project (from TF_VAR_userNetwork). This
    // input is not flagged sensitive.
    // NOTE(review): the value is passed through unvalidated, so the exposure of
    // the cluster is decided entirely by whoever sets it; keep it to the
    // narrowest range that needs access.
    const allowedNetwork = stringInput("userNetwork", "MongoDB Atlas Project IP access", false);

    new ProjectIpAccessList(this, "projectnetworkAccess", {
      projectId: project.id,
      cidrBlock: allowedNetwork.value,
    });
  }
}
// Entry point: create the CDKTF app, register the stack under the id
// "cdktf-gcp-mongodbatlas", then synthesize the Terraform configuration.
const cdktfApp = new App();
new MyStack(cdktfApp, "cdktf-gcp-mongodbatlas");
cdktfApp.synth();