Skip to content

doc: DOCSP-54251 & DOCSP-54252 -- Document how to move from or to Service Accounts authentication #3753

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 36 commits into from
Oct 15, 2025
Merged

doc: DOCSP-54251 & DOCSP-54252 -- Document how to move from or to Service Accounts authentication #3753

merged 36 commits into from
Oct 15, 2025
+228 −160

Conversation

xargom
Copy link
Collaborator

@xargom xargom commented Oct 6, 2025
edited
Loading

Description

DOCSP-54251

DOCSP-54252

Creates a guide to move to Service Accounts auth and updates the landing page with SA as the first auth option.

Link to any related issue(s):

Type of change:

  • Bug fix (non-breaking change which fixes an issue). Please, add the "bug" label to the PR.
  • New feature (non-breaking change which adds functionality). Please, add the "enhancement" label to the PR. A migration guide must be created or updated if the new feature will go in a major version.
  • Breaking change (fix or feature that would cause existing functionality to not work as expected). Please, add the "breaking change" label to the PR. A migration guide must be created or updated.
  • This change requires a documentation update
  • [ x ] Documentation fix/enhancement

Required Checklist:

  • I have signed the MongoDB CLA
  • I have read the contributing guides
  • I have checked that this change does not generate any credentials and that they are NOT accidentally logged anywhere.
  • I have added tests that prove my fix is effective or that my feature works per HashiCorp requirements
  • I have added any necessary documentation (if appropriate)
  • I have run make fmt and formatted my code
  • If changes include deprecations or removals I have added appropriate changelog entries.
  • If changes include removal or addition of 3rd party GitHub actions, I updated our internal document. Reach out to the APIx Integration slack channel to get access to the internal document.

Further comments

@xargom xargom requested a review from a team as a code owner October 6, 2025 22:34
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Oct 6, 2025

APIx bot: a message has been sent to Docs Slack channel

marcosuma
marcosuma reviewed Oct 7, 2025
View reviewed changes
docs/guides/migrate-to-service-accounts-authentication-guide.md Outdated

The JWT token is only valid during its set duration time. See [Generate Service Account Token](https://www.mongodb.com/docs/atlas/api/service-accounts/generate-oauth2-token/#std-label-generate-oauth2-token-atlas) for more details on creating an SA token.

**IMPORTANT:** Currently, the MongoDB Terraform provider does not support additional Token OAuth features.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Q: what do we mean with this?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Definitely the phrasing is not the better (changes incoming), but there are 3 ideas here:

  1. The token expires.
  2. Redirect the user to the Atlas SA docs.
  3. "the MongoDB Terraform provider does not support additional Token OAuth features." I'm explicitly stating a suggestion mentioned in the project scope doc: https://docs.google.com/document/d/1PuAwTTNbVLUsqMH9wmmHKUCbEojhkQ_oHL2ONxwXZhs/edit?tab=t.0#heading=h.5c9t51nomy3f. However, i'm not sure if we actually need to have this in the final version.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we need @bodegus inputs here, can you reach out to him?

kanchana-mongodb
kanchana-mongodb reviewed Oct 7, 2025
View reviewed changes
@xargom xargom requested a review from oarbusi October 7, 2025 18:28
@xargom xargom requested a review from a team as a code owner October 7, 2025 18:39
@xargom xargom changed the title doc: DOCSP-54251 -- Document how to move from or to Service Accounts authentication doc: DOCSP-54251 & DOCSP-54252 -- Document how to move from or to Service Accounts authentication Oct 7, 2025
@xargom
Copy link
Collaborator Author

xargom commented Oct 7, 2025

Added the changes related to DOCSP-54252 since it seemed easier to manage it all in one PR.

manupedrozo
manupedrozo reviewed Oct 8, 2025
View reviewed changes
lantoli
lantoli reviewed Oct 8, 2025
View reviewed changes
lantoli
lantoli reviewed Oct 8, 2025
View reviewed changes
lantoli
lantoli reviewed Oct 8, 2025
View reviewed changes
lantoli
lantoli reviewed Oct 8, 2025
View reviewed changes
lantoli
lantoli reviewed Oct 8, 2025
View reviewed changes
lantoli
lantoli reviewed Oct 8, 2025
View reviewed changes
lantoli
lantoli reviewed Oct 8, 2025
View reviewed changes
lantoli
lantoli approved these changes Oct 10, 2025
View reviewed changes
Copy link
Member

@lantoli lantoli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, let's wait for other reviewers

marcosuma
marcosuma approved these changes Oct 10, 2025
View reviewed changes
Copy link
Collaborator

@marcosuma marcosuma left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - one minor comment

lantoli and others added 20 commits October 10, 2025 15:39
@lantoli
doc warning about multiple credentials
d12bd52
@lantoli
fix important box
9b187fe
@xargom
DOCSP-54251 & DOCSP-54252 -- Minor style adjustments
268e732
@xargom
DOCSP-54251 & DOCSP-54252 -- Adjusted links to specific sections
7033ab7
@xargom
DOCSP-54251 & DOCSP-54252 -- Adjusted links to specific sections 2
e759fdc
@xargom
DOCSP-54251 & DOCSP-54252 -- Adjusted links to specific sections 3
8709fc8
@lantoli
Merge branch 'CLOUDP-334161-service-accounts-dev' into DOCSP-54251
63b4b8b 
* CLOUDP-334161-service-accounts-dev: (21 commits)
  uncomment TestAccProject_withTags (#3774)
  chore: Add resource generation github workflow (#3772)
  chore: Display specific errors if credentials values are missing (#3768)
  adjust env vars (#3769)
  refactor: Uses the new create-only plan modifier in flex cluster (#3658)
  chore: Fix some tests in PAK and SA executions (#3765)
  chore: Allow SA for mongodbatlas_roles_org_id datasource (#3764)
  doc: Fixes path for collection attributes in cluster docs (#3739)
  build(deps): bump go.mongodb.org/atlas-sdk (#3750)
  doc: Add FLEX value under provider_name in advanced_cluster docs (#3763)
  chore: Add codegen intermediate model serialization (#3756)
  chore: Bump github.com/hashicorp/terraform-plugin-framework-validators (#3761)
  chore: Bump softprops/action-gh-release from 2.3.3 to 2.4.0 (#3759)
  chore: Bump actions/stale from 10.0.0 to 10.1.0 (#3758)
  chore: Bump peter-evans/create-or-update-comment from 4.0.0 to 5.0.0 (#3760)
  chore: Bump github.com/hashicorp/terraform-plugin-framework (#3762)
  include acceptance tests for org service account resource (#3755)
  chore: Add project_settings_api acceptance tests (#3751)
  chore: Remove unneeded Atlas versions (#3752)
  chore: Add create only plan modifier for non-updateable attributes in autogenerated resources (#3747)
  ...
@lantoli
provider configuration page with smaller index
c7ac17b
@lantoli
apply feedback
8afc210
@lantoli
make it more consistent
e6b80dc
@lantoli
more concise provider config
cac838c
@lantoli
reduce url help
8d82228
@lantoli
simplify AWS Secrets Manager
61047b1
@lantoli
fix example
8f21d0f
@lantoli
remove link as it doesn't work anymore
a347147
@lantoli
revert versioning and last sections in index
134b0c4
@lantoli
apply feedback about authentication and gov
71b04bb
@lantoli
remove best practice section
94f60e8
@lantoli
AWS SM with provider attributes
eb4364b
@xargom
doc: DOCSP-54251 -- Minimal style edits
7e633b2
bodegus
bodegus approved these changes Oct 15, 2025
View reviewed changes
Copy link
Collaborator

@bodegus bodegus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - slack feedback

@xargom xargom requested review from a team and kanchana-mongodb and removed request for kanchana-mongodb October 15, 2025 15:02
jvincent-mongodb
jvincent-mongodb approved these changes Oct 15, 2025
View reviewed changes
Copy link
Contributor

@jvincent-mongodb jvincent-mongodb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@xargom xargom merged commit e5b0012 into CLOUDP-334161-service-accounts-dev Oct 15, 2025
45 checks passed
@xargom xargom deleted the DOCSP-54251 branch October 15, 2025 20:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lantoli lantoli lantoli approved these changes

@marcosuma marcosuma marcosuma approved these changes

@bodegus bodegus bodegus approved these changes

@jvincent-mongodb jvincent-mongodb jvincent-mongodb approved these changes

@oarbusi oarbusi Awaiting requested review from oarbusi

@manupedrozo manupedrozo Awaiting requested review from manupedrozo

@kanchana-mongodb kanchana-mongodb Awaiting requested review from kanchana-mongodb

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@xargom @lantoli @marcosuma @bodegus @manupedrozo @kanchana-mongodb @jvincent-mongodb