CLOUDP-368426-Stream-Workspace Review comments

ParthasarathyV · ParthasarathyV · commit 8479e75bbe53 · 2026-01-15T17:09:13.000-05:00
diff --git a/cfn-resources/stream-workspace/mongodb-atlas-streamworkspace.json b/cfn-resources/stream-workspace/mongodb-atlas-streamworkspace.json
@@ -30,15 +30,13 @@
       "properties": {
         "Tier": {
           "type": "string",
-          "description": "Selected tier for the Stream Workspace. Configures Memory / VCPU allowances.",
-          "title": "Stream Workspace Tier",
-          "enum": ["SP2", "SP5", "SP10", "SP30", "SP50"]
+          "description": "Selected tier for the Stream Workspace. Configures Memory / VCPU allowances. Valid values: SP2, SP5, SP10, SP30, SP50.",
+          "title": "Stream Workspace Tier"
         },
         "MaxTierSize": {
           "type": "string",
-          "description": "Max tier size for the Stream Workspace. Configures Memory / VCPU allowances.",
-          "title": "Stream Workspace Max Tier Size",
-          "enum": ["SP2", "SP5", "SP10", "SP30", "SP50"]
+          "description": "Max tier size for the Stream Workspace. Configures Memory / VCPU allowances. Valid values: SP2, SP5, SP10, SP30, SP50.",
+          "title": "Stream Workspace Max Tier Size"
         }
       },
       "required": ["Tier"],
diff --git a/examples/atlas-streams/stream-workspace/README.md b/examples/atlas-streams/stream-workspace/README.md
@@ -1,207 +1,22 @@
-# MongoDB::Atlas::StreamWorkspace Examples
+# How to create a MongoDB::Atlas::StreamWorkspace 
 
-This directory contains an example CloudFormation template for creating Stream Workspaces in MongoDB Atlas.
+## Step 1: Activate the stream workspace resource in cloudformation
+   Step a: Create Role using [execution-role.yaml](https://github.com/mongodb/mongodbatlas-cloudformation-resources/blob/master/examples/execution-role.yaml) in CFN resources folder.
 
-## Prerequisites
+   Step b: Search for Mongodb::Atlas::StreamWorkspace resource.
 
-1. **Atlas Project**: You need an existing Atlas project. Get your Project ID from the Atlas UI or using:
+         (CloudFormation > Public extensions > choose 'Third party' > Search with " Execution name prefix = MongoDB " )
+   Step c: Select and activate
+         Enter the RoleArn that is created in step 1.
 
-   ```bash
-   atlas projects list
-   ```
+   Your StreamWorkspace Resource is ready to use.
 
-2. **AWS Credentials**: Ensure your AWS credentials are configured with permissions to:
-
-   - Create/update/delete CloudFormation stacks
-   - Access AWS Secrets Manager (for storing Atlas API keys)
-
-3. **Atlas API Keys**: Store your Atlas API keys in AWS Secrets Manager:
-
-   ```bash
-   aws secretsmanager create-secret \
-     --name cfn/atlas/profile/default \
-     --secret-string '{"PublicKey":"YOUR_PUBLIC_KEY","PrivateKey":"YOUR_PRIVATE_KEY","BaseURL":"https://cloud.mongodb.com"}' \
-     --region eu-west-1
-   ```
-
-4. **Resource Type Registered**: Ensure the `MongoDB::Atlas::StreamWorkspace` resource type is registered in your AWS CloudFormation Private Registry:
-   ```bash
-   aws cloudformation describe-type \
-     --type RESOURCE \
-     --type-name MongoDB::Atlas::StreamWorkspace \
-     --region eu-west-1
-   ```
-
-## Example Template
-
-### Stream Workspace (`stream-workspace.json`)
-
-Creates a Stream Workspace with configurable tier and data processing region. All parameters have sensible defaults, so you can deploy with just the required `ProjectId` and `WorkspaceName`, or customize all settings as needed.
-
-**Parameters:**
-
-- `ProjectId`: Your Atlas project ID (24-hexadecimal characters, required)
-- `WorkspaceName`: Name for the Stream Workspace (optional, will auto-generate if empty)
-- `CloudProvider`: Cloud provider for data processing region (default: "AWS", AWS only for CloudFormation)
-- `Region`: Region for data processing (default: "VIRGINIA_USA")
-- `Tier`: Stream Workspace Tier - "SP2", "SP5", "SP10", "SP30", or "SP50" (default: "SP30")
-- `Profile`: AWS Secrets Manager profile name (default: "default")
-
-**Deploy:**
-
-```bash
-# Setup credentials first (if using local credentials)
-# source ./prompts/setup-credentials.sh
-
-# Deploy the stack
-aws cloudformation create-stack \
-  --stack-name stream-workspace-example-$(date +%s) \
-  --template-body file://examples/atlas-streams/stream-workspace/stream-workspace.json \
-  --parameters \
-    ParameterKey=ProjectId,ParameterValue=YOUR_PROJECT_ID \
-    ParameterKey=WorkspaceName,ParameterValue=my-stream-workspace \
-    ParameterKey=CloudProvider,ParameterValue=AWS \
-    ParameterKey=Region,ParameterValue=VIRGINIA_USA \
-    ParameterKey=Tier,ParameterValue=SP30 \
-    ParameterKey=Profile,ParameterValue=default \
-  --capabilities CAPABILITY_IAM \
-  --region eu-west-1
-```
-
-**Monitor Stack Creation:**
-
-```bash
-# Check stack status
-aws cloudformation describe-stacks \
-  --stack-name <stack-name> \
-  --region eu-west-1 \
-  --query 'Stacks[0].StackStatus' \
-  --output text
-
-# Check resource status
-aws cloudformation describe-stack-resources \
-  --stack-name <stack-name> \
-  --region eu-west-1
-
-# Check CloudWatch logs for handler execution
-aws logs describe-log-groups \
-  --log-group-name-prefix "mongodb-atlas-streamworkspace" \
-  --region eu-west-1
-```
-
-**Expected Stack Creation Time:**
-
-- Typically 5-10 seconds for stream workspace creation
-- Stack status should transition: `CREATE_IN_PROGRESS` → `CREATE_COMPLETE`
-
-**Verify with Atlas CLI:**
-
-```bash
-# List all stream workspaces
-atlas streams instances list --projectId <PROJECT_ID>
-
-# Get specific workspace details
-atlas streams instances describe <WORKSPACE_NAME> --projectId <PROJECT_ID>
-```
-
-**Expected Output:**
-
-- Workspace should appear in the list with the specified name
-- Workspace should show:
-  - `name`: Matches the WorkspaceName parameter
-  - `dataProcessRegion.cloudProvider`: "AWS"
-  - `dataProcessRegion.region`: Matches the Region parameter (e.g., "VIRGINIA_USA")
-  - `streamConfig.tier`: Matches the Tier parameter (e.g., "SP30")
-  - `hostnames`: Array of hostnames for connecting to the workspace
-
-**Cross-Reference with CloudFormation:**
-
-```bash
-# Get physical resource ID from stack
-aws cloudformation describe-stack-resources \
-  --stack-name <stack-name> \
-  --region eu-west-1 \
-  --query 'StackResources[?LogicalResourceId==`StreamWorkspace`].PhysicalResourceId' \
-  --output text
-
-# Get stack outputs
-aws cloudformation describe-stacks \
-  --stack-name <stack-name> \
-  --region eu-west-1 \
-  --query 'Stacks[0].Outputs' \
-  --output json
-```
-
-**Stack Outputs:**
-
-- `StreamWorkspaceId`: The unique identifier for the Stream Workspace
-- `StreamWorkspaceName`: The name of the Stream Workspace
-- `StreamWorkspaceHostnames`: Comma-separated list of hostnames assigned to the stream workspace
-
-**Cleanup:**
-
-```bash
-# Delete the stack (will also delete the stream workspace)
-aws cloudformation delete-stack \
-  --stack-name <stack-name> \
-  --region eu-west-1
-
-# Wait for deletion to complete
-aws cloudformation wait stack-delete-complete \
-  --stack-name <stack-name> \
-  --region eu-west-1
-
-# Verify workspace is deleted
-atlas streams instances list --projectId <PROJECT_ID>
-```
-
-**Quick Deploy (Using Defaults):**
-
-If you want to use all default values, you only need to provide the required parameters:
-
-```bash
-aws cloudformation create-stack \
-  --stack-name stream-workspace-$(date +%s) \
-  --template-body file://examples/atlas-streams/stream-workspace/stream-workspace.json \
-  --parameters \
-    ParameterKey=ProjectId,ParameterValue=YOUR_PROJECT_ID \
-    ParameterKey=WorkspaceName,ParameterValue=my-workspace \
-  --capabilities CAPABILITY_IAM \
-  --region eu-west-1
-```
-
-This will use the default values:
-
-- `CloudProvider`: AWS
-- `Region`: VIRGINIA_USA
-- `Tier`: SP30
-- `MaxTierSize`: SP50
-- `Profile`: default
-
-## Notes
-
-- **AWS Only**: This CloudFormation resource is designed for AWS deployments. The CloudProvider parameter is constrained to "AWS" only.
-- **Create-Only Properties**: `WorkspaceName`, `ProjectId`, and `Profile` are create-only properties. To change these, you must delete and recreate the stack.
-- **Updateable Properties**: `StreamConfig.Tier` and `StreamConfig.MaxTierSize` can be updated after creation.
-- **Read-Only Properties**: `Id`, `Hostnames`, and `Connections` are read-only and returned by CloudFormation but cannot be set.
-
-## Troubleshooting
-
-**Stack Creation Fails:**
-
-- Verify Atlas API keys are correctly stored in AWS Secrets Manager
-- Check CloudWatch logs for handler execution errors
-- Ensure the resource type is registered in your private registry
-- Verify your IP address is on the Atlas IP Access List
-
-**Workspace Not Found in Atlas:**
-
-- Wait a few seconds after stack creation completes
-- Verify the Project ID is correct
-- Check Atlas UI for the workspace
-
-**Handler Execution Errors:**
-
-- Review CloudWatch logs: `aws logs tail /aws/lambda/mongodb-atlas-streamworkspace-role-stack-* --follow --region eu-west-1`
-- Verify execution role has `secretsmanager:GetSecretValue` permission
-- Check Atlas API key permissions in Atlas UI
+## Step 2: Create template using [stream-workspace.json](stream-workspace.json)
+    Note: Make sure you are providing appropriate values for: 
+    1. ProjectId
+    2. WorkspaceName (optional)
+    3. CloudProvider: AWS (optional, default: AWS)
+    4. Region (optional, default: VIRGINIA_USA)
+    5. Tier: SP2, SP5, SP10, SP30, or SP50 (optional, default: SP30)
+    6. MaxTierSize (optional, default: SP50)
+    7. Profile (optional)
