DatabaseUser

Import

Database users can be imported using project ID and username, in the format project_id-username-auth_database_name, e.g.

 $ pulumi import mongodbatlas:index/databaseUser:DatabaseUser my_user 1112222b3bf99403840e8934-my_user-admin

Create a DatabaseUser Resource

new DatabaseUser(name: string, args: DatabaseUserArgs, opts?: CustomResourceOptions);
@overload
def DatabaseUser(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 auth_database_name: Optional[str] = None,
                 aws_iam_type: Optional[str] = None,
                 database_name: Optional[str] = None,
                 labels: Optional[Sequence[DatabaseUserLabelArgs]] = None,
                 ldap_auth_type: Optional[str] = None,
                 password: Optional[str] = None,
                 project_id: Optional[str] = None,
                 roles: Optional[Sequence[DatabaseUserRoleArgs]] = None,
                 scopes: Optional[Sequence[DatabaseUserScopeArgs]] = None,
                 username: Optional[str] = None,
                 x509_type: Optional[str] = None)
@overload
def DatabaseUser(resource_name: str,
                 args: DatabaseUserArgs,
                 opts: Optional[ResourceOptions] = None)
func NewDatabaseUser(ctx *Context, name string, args DatabaseUserArgs, opts ...ResourceOption) (*DatabaseUser, error)
public DatabaseUser(string name, DatabaseUserArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args DatabaseUserArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args DatabaseUserArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args DatabaseUserArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args DatabaseUserArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

DatabaseUser Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The DatabaseUser resource accepts the following input properties:

ProjectId string
The unique ID for the project to create the database user.
Roles List<DatabaseUserRoleArgs>
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
Username string
Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.
AuthDatabaseName string
Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:
AwsIamType string
If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:
DatabaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated: use auth_database_name instead

Labels List<DatabaseUserLabelArgs>
LdapAuthType string
Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.
Password string
Scopes List<DatabaseUserScopeArgs>
X509Type string
X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:
ProjectId string
The unique ID for the project to create the database user.
Roles []DatabaseUserRoleArgs
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
Username string
Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.
AuthDatabaseName string
Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:
AwsIamType string
If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:
DatabaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated: use auth_database_name instead

Labels []DatabaseUserLabelArgs
LdapAuthType string
Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.
Password string
Scopes []DatabaseUserScopeArgs
X509Type string
X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:
projectId string
The unique ID for the project to create the database user.
roles DatabaseUserRoleArgs[]
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
username string
Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.
authDatabaseName string
Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:
awsIamType string
If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:
databaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated: use auth_database_name instead

labels DatabaseUserLabelArgs[]
ldapAuthType string
Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.
password string
scopes DatabaseUserScopeArgs[]
x509Type string
X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:
project_id str
The unique ID for the project to create the database user.
roles Sequence[DatabaseUserRoleArgs]
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
username str
Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.
auth_database_name str
Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:
aws_iam_type str
If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:
database_name str
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated: use auth_database_name instead

labels Sequence[DatabaseUserLabelArgs]
ldap_auth_type str
Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.
password str
scopes Sequence[DatabaseUserScopeArgs]
x509_type str
X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

Outputs

All input properties are implicitly available as output properties. Additionally, the DatabaseUser resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing DatabaseUser Resource

Get an existing DatabaseUser resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: DatabaseUserState, opts?: CustomResourceOptions): DatabaseUser
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        auth_database_name: Optional[str] = None,
        aws_iam_type: Optional[str] = None,
        database_name: Optional[str] = None,
        labels: Optional[Sequence[DatabaseUserLabelArgs]] = None,
        ldap_auth_type: Optional[str] = None,
        password: Optional[str] = None,
        project_id: Optional[str] = None,
        roles: Optional[Sequence[DatabaseUserRoleArgs]] = None,
        scopes: Optional[Sequence[DatabaseUserScopeArgs]] = None,
        username: Optional[str] = None,
        x509_type: Optional[str] = None) -> DatabaseUser
func GetDatabaseUser(ctx *Context, name string, id IDInput, state *DatabaseUserState, opts ...ResourceOption) (*DatabaseUser, error)
public static DatabaseUser Get(string name, Input<string> id, DatabaseUserState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AuthDatabaseName string
Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:
AwsIamType string
If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:
DatabaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated: use auth_database_name instead

Labels List<DatabaseUserLabelArgs>
LdapAuthType string
Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.
Password string
ProjectId string
The unique ID for the project to create the database user.
Roles List<DatabaseUserRoleArgs>
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
Scopes List<DatabaseUserScopeArgs>
Username string
Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.
X509Type string
X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:
AuthDatabaseName string
Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:
AwsIamType string
If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:
DatabaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated: use auth_database_name instead

Labels []DatabaseUserLabelArgs
LdapAuthType string
Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.
Password string
ProjectId string
The unique ID for the project to create the database user.
Roles []DatabaseUserRoleArgs
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
Scopes []DatabaseUserScopeArgs
Username string
Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.
X509Type string
X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:
authDatabaseName string
Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:
awsIamType string
If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:
databaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated: use auth_database_name instead

labels DatabaseUserLabelArgs[]
ldapAuthType string
Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.
password string
projectId string
The unique ID for the project to create the database user.
roles DatabaseUserRoleArgs[]
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
scopes DatabaseUserScopeArgs[]
username string
Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.
x509Type string
X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:
auth_database_name str
Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:
aws_iam_type str
If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:
database_name str
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated: use auth_database_name instead

labels Sequence[DatabaseUserLabelArgs]
ldap_auth_type str
Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.
password str
project_id str
The unique ID for the project to create the database user.
roles Sequence[DatabaseUserRoleArgs]
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
scopes Sequence[DatabaseUserScopeArgs]
username str
Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.
x509_type str
X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

Supporting Types

DatabaseUserLabel

Key string
The key that you want to write.
Value string
The value that you want to write.
Key string
The key that you want to write.
Value string
The value that you want to write.
key string
The key that you want to write.
value string
The value that you want to write.
key str
The key that you want to write.
value str
The value that you want to write.

DatabaseUserRole

CollectionName string
Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).
DatabaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.
RoleName string
Name of the role to grant. See Create a Database User roles.roleName for valid values and restrictions.
CollectionName string
Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).
DatabaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.
RoleName string
Name of the role to grant. See Create a Database User roles.roleName for valid values and restrictions.
collectionName string
Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).
databaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.
roleName string
Name of the role to grant. See Create a Database User roles.roleName for valid values and restrictions.
collection_name str
Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).
database_name str
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.
role_name str
Name of the role to grant. See Create a Database User roles.roleName for valid values and restrictions.

DatabaseUserScope

Name string
Name of the cluster or Atlas Data Lake that the user has access to.
Type string
Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE
Name string
Name of the cluster or Atlas Data Lake that the user has access to.
Type string
Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE
name string
Name of the cluster or Atlas Data Lake that the user has access to.
type string
Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE
name str
Name of the cluster or Atlas Data Lake that the user has access to.
type str
Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

Package Details

Repository
https://github.com/pulumi/pulumi-mongodbatlas
License
Apache-2.0
Notes
This Pulumi package is based on the mongodbatlas Terraform Provider.