Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
include warning during creation
Browse files Browse the repository at this point in the history
AgustinBettati committed Mar 11, 2024
1 parent 7f8a674 commit 2741f70
Showing 2 changed files with 3 additions and 1 deletion.
2 changes: 2 additions & 0 deletions internal/service/databaseuser/resource_database_user.go
Original file line number Diff line number Diff line change
@@ -278,6 +278,8 @@ func (r *databaseUserRS) Read(ctx context.Context, req resource.ReadRequest, res
return
}

resp.Diagnostics.AddWarning("If the password value will be managed externally, it is advised to remove the attribute", "More details can be found in resource documentation under the 'password' attribute")

resp.Diagnostics.Append(resp.State.Set(ctx, &dbUserModel)...)
if resp.Diagnostics.HasError() {
return
2 changes: 1 addition & 1 deletion website/docs/r/database_user.html.markdown
Original file line number Diff line number Diff line change
@@ -130,7 +130,7 @@ Accepted values include:
* `project_id` - (Required) The unique ID for the project to create the database user.
* `roles` - (Required) List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See [Roles](#roles) below for more details.
* `username` - (Required) Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if `aws_iam_type` is USER or ROLE.
* `password` - (Required) User's initial password. A value is required to create the database user, however the argument but may be removed from your Terraform configuration after user creation without impacting the user, password or Terraform management. IMPORTANT --- Passwords may show up in Terraform related logs and it will be stored in the Terraform state file as plain-text. Password can be changed after creation using your preferred method, e.g. via the MongoDB Atlas UI, to ensure security. If you do change management of the password to outside of Terraform be sure to remove the argument from the Terraform configuration so it is not inadvertently updated to the original password.
* `password` - (Required) User's initial password. A value is required to create the database user, however the argument may be removed from your Terraform configuration after user creation without impacting the user, password or Terraform management. If you do change management of the password to outside of Terraform it is advised to remove the argument from the Terraform configuration so it is not inadvertently updated to the original password. IMPORTANT --- Passwords may show up in Terraform related logs and it will be stored in the Terraform state file as plain-text. Password can be changed after creation using your preferred method, e.g. via the MongoDB Atlas UI, to ensure security.

* `x509_type` - (Optional) X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:
* `NONE` - The user does not use X.509 authentication.

0 comments on commit 2741f70

Please sign in to comment.