Dynamic role names collisions #23

Closed
timduan opened this issue Feb 3, 2021 · 1 comment
Labels
enhancement New feature or request

Comments


timduan commented Feb 3, 2021

Hi team,

We've been using the vault mongo database plugin for dynamic secrets for a while and it all works fine. However, after we migrated some to mongo atlas and started to use the mongo atlas database plugin, we started to run into dynamic role name creation collisions. We are getting errors: 409 (request "Conflict") A user with username v-xxxxxxxxxxxxxxx-a9 already exists

Compared with the mongo database plugin, whose generated usernames can be as long as 65 chars, the current mongo atlas plugin caps them at 20 chars. While using all 20 chars for randomization would probably be OK to avoid some level of potential collision, with the current code design of the role name capped at 15 chars, plus credsutil's leading v and the separating -s, this leaves only 2 chars for a dynamic username to be different. And with the high number of replica pods we require, this collision will happen quite often.

Could you help to resolve this by either:

  1. Adding pre-validation within vault to check if a username has already been created before calling Atlas to create the user.
  2. Reducing the role name cap from 15 chars to a smaller number.
  3. Bumping up the max length from 20 to a larger number.

For now, we have to cut our role name down to a shorter, non-human-readable name to work around the issue. We'd like to see this fixed for the long term, as the fix looks straightforward to do for now, before you introduce the function allowing users to customize username length. Thank you!
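The username budget described in the report above, worked through as an added example (not code from the plugin or from either commenter). It computes how many suffix characters remain under the 20-char cap and the birthday-bound probability that at least two live usernames for one role collide. The 62-symbol suffix alphabet and the role names are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"math"
)

// Layout from the issue: "v-" + role name (capped) + "-" + random suffix,
// with the whole username capped at maxLen characters.
const (
	maxLen  = 20 // total username cap reported for the Atlas plugin
	roleCap = 15 // role-name cap reported in the issue
)

// suffixLen returns how many characters remain for the random suffix.
func suffixLen(role string) int {
	r := len(role)
	if r > roleCap {
		r = roleCap
	}
	return maxLen - len("v-") - r - len("-")
}

// collisionProb returns the exact birthday probability that at least two of
// n usernames for one role share a suffix. alphabet is an assumed symbol count.
func collisionProb(n, suffix, alphabet int) float64 {
	space := math.Pow(float64(alphabet), float64(suffix))
	if float64(n) > space {
		return 1
	}
	pNone := 1.0
	for i := 0; i < n; i++ {
		pNone *= (space - float64(i)) / space
	}
	return 1 - pNone
}

func main() {
	// Constructed role names: one at the 15-char cap, one shortened.
	for _, role := range []string{"payments-reader", "pay-ro"} {
		s := suffixLen(role)
		for _, n := range []int{10, 50, 100} {
			fmt.Printf("role=%-16s suffix=%2d live=%3d P(collision)=%.4f\n", role, s, n, collisionProb(n, s, 62))
		}
	}
}
```

Under these assumptions a role name at the cap leaves a suffix space of only 3,844 values, so collisions become likely well before 100 concurrently live credentials, while shortening the role name restores most of the randomness.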

pcman312 added the enhancement (New feature or request) label May 24, 2021
@fairclothjm
Contributor

@timduan Hello!

We now support username customization for mongodb atlas in Vault 1.8. Support was added to the plugin in this PR: #26
