Page Comparison

...

In addition to infra.tfvars.json, you must provide some secrets on each deploy: mongo_atlas_private_key, mongo_password, & psql_password
Run ./bin/terraform apply -target=module.gcp_cluster_hosting.google_compute_network.network
Run ./bin/terraform apply -target=module.gcp_cluster_hosting.google_compute_global_address.private_ip_address
Run ./bin/terraform apply -target=module.gcp_cluster_hosting.google_service_networking_connection.vpc_connection
Run ./bin/terraform apply -target=module.aws_required.module.vpc
Run ./bin/terraform plan
Run ./bin/terraform apply

Note
If this fails with an `oauth2` Invalid Grant error, try running: `gcloud auth application-default login`

Note

Atlas Networking Container already exists:
If you encounter an issue during the ./bin/terraform apply command, you will need to update the ./infra-config/gcp_cluster_hosting/atlas-peering.tf.

The resource "mongodbatlas_networking_container" "container"... block should be updated to use a data source instead (namely changing resource → data and updating the arguments).

Be sure to update all references of mongodbatlas_networking_container.container → data.mongodbatlas_networking_container.container.

Run ./bin/edit_credentials. This will create two new files: credentials.yml.enc and master.key.

Copy all important secrets into this file

Note

The credentials.yml.enc IS SAFE for VCS committing.

If you want to store these encrypted credentials within your repository, you may need to update the .gitignore file. This file MUST be present for all deployments.

Warning

The master.key IS NOT SAFE for VCS committing.

This key should be backed up and manually created on any devices that needs access to the credentials.yml.enc file, or to run a deployment. Access to the master.key will grant access to all credentials! This file MUST be present for all deployments.

...

Versions Compared

Old Version 3

New Version Current

Key