This repository provides a modular Terraform solution for deploying a secure MongoDB Atlas environment on Azure following the recommendations in Deploy MongoDB Atlas in Azure. It features:
- Private networking and secure connectivity
- DevOps automation for remote state and identity
- End-to-end cluster setup for MongoDB Atlas
- Observability function and monitoring with Azure Application Insights and a Metrics Function App
- Automated infrastructure provisioning, Atlas cluster configuration, and a test application for validation
Important
The Terraform Landing Zone for MongoDB Atlas on Azure assumes that you have already successfully implemented an Azure landing zone. However, you can use the Terraform Landing Zone for MongoDB Atlas on Azure even if your infrastructure doesn't conform to Azure landing zones. For more information, refer to Cloud Adoption Framework enterprise-scale landing zones.
We recommend evaluating whether additional Microsoft security services beyond those listed (e.g., Azure Firewall, Defender for DDoS, Defender for Cloud, Microsoft Entra, and Azure Key Vault) are appropriate for your environment. Depending on your architecture and threat model, you may also want to consider, among other options:
Before deploying, determine the architecture that best fits your requirements and understand the modules involved:
- Reference example architectures:
- Learn more:
- Read about available Terraform modules and their usage to see which modules to compose.
- Review and configure environment prerequisites.
- Configure required environment variables: Setup Environment Guide.
- Automated (Recommended):
- Deploy through GitHub Actions CI/CD workflows for full automation. Follow the Pipeline Deployment Guide.
- Manual:
- Run Terraform and supporting scripts directly. See Manual Deployment Steps.
- Both single-region and multi-region patterns are supported across automated and manual deployment options.
To avoid unexpected charges, always clean up resources when you're done.
See Cleanup.md for the full step-by-step cleanup procedure, including how to destroy Azure and MongoDB Atlas resources in the correct order.
Warning: Deploying this infrastructure is NOT free. It provisions paid resources such as a dedicated MongoDB Atlas cluster (minimum M10 tier for Private Endpoints), Azure networking components, and other Azure services. Review pricing details in the MongoDB Atlas Private Endpoint documentation before running `terraform apply`.
This code is provided for demonstration purposes and should not be used in production without thorough testing. You are responsible for validating the configuration and ensuring it meets your environment's requirements.
For questions or to discuss suitability for your use case, please create an issue in this repository.
By using this repository, you agree to assume all risks and use it at your own discretion. Microsoft and the authors are not liable for damages or losses from its use. See the Support section for details.
Start exploring more detailed documentation in the Wiki Home, including:
This project welcomes contributions and suggestions. Before contributing, you will need to sign the Microsoft Contributor License Agreement (CLA).
Pull requests will be checked automatically by the CLA bot to determine if a CLA is required. Follow its instructions as needed.
We follow the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or email opencode@microsoft.com.
Contribution details can be found in the wiki.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow the Microsoft Trademark & Brand Guidelines. Any use of third-party trademarks or logos is subject to those third parties’ policies.

