getDatabaseUsers

mongodbatlas.getDatabaseUsers describe all Database Users. This represents a database user which will be applied to all clusters within the project.

Each user has a set of roles that provide access to the project’s databases. User’s roles apply to all the clusters in the project: if two clusters have a products database and a user has a role granting read access on the products database, the user has that access on both clusters.

NOTE: Groups and projects are synonymous terms. You may find groupId in the official documentation.

Example Usage

using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

class MyStack : Stack
{
    public MyStack()
    {
        var testDatabaseUser = new Mongodbatlas.DatabaseUser("testDatabaseUser", new Mongodbatlas.DatabaseUserArgs
        {
            Username = "test-acc-username",
            Password = "test-acc-password",
            ProjectId = "<PROJECT-ID>",
            AuthDatabaseName = "admin",
            Roles = 
            {
                new Mongodbatlas.Inputs.DatabaseUserRoleArgs
                {
                    RoleName = "readWrite",
                    DatabaseName = "admin",
                },
                new Mongodbatlas.Inputs.DatabaseUserRoleArgs
                {
                    RoleName = "atlasAdmin",
                    DatabaseName = "admin",
                },
            },
            Labels = 
            {
                new Mongodbatlas.Inputs.DatabaseUserLabelArgs
                {
                    Key = "key 1",
                    Value = "value 1",
                },
                new Mongodbatlas.Inputs.DatabaseUserLabelArgs
                {
                    Key = "key 2",
                    Value = "value 2",
                },
            },
        });
        var testDatabaseUsers = testDatabaseUser.ProjectId.Apply(projectId => Mongodbatlas.GetDatabaseUsers.InvokeAsync(new Mongodbatlas.GetDatabaseUsersArgs
        {
            ProjectId = projectId,
        }));
    }

}
package main

import (
	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		testDatabaseUser, err := mongodbatlas.NewDatabaseUser(ctx, "testDatabaseUser", &mongodbatlas.DatabaseUserArgs{
			Username:         pulumi.String("test-acc-username"),
			Password:         pulumi.String("test-acc-password"),
			ProjectId:        pulumi.String("<PROJECT-ID>"),
			AuthDatabaseName: pulumi.String("admin"),
			Roles: mongodbatlas.DatabaseUserRoleArray{
				&mongodbatlas.DatabaseUserRoleArgs{
					RoleName:     pulumi.String("readWrite"),
					DatabaseName: pulumi.String("admin"),
				},
				&mongodbatlas.DatabaseUserRoleArgs{
					RoleName:     pulumi.String("atlasAdmin"),
					DatabaseName: pulumi.String("admin"),
				},
			},
			Labels: mongodbatlas.DatabaseUserLabelArray{
				&mongodbatlas.DatabaseUserLabelArgs{
					Key:   pulumi.String("key 1"),
					Value: pulumi.String("value 1"),
				},
				&mongodbatlas.DatabaseUserLabelArgs{
					Key:   pulumi.String("key 2"),
					Value: pulumi.String("value 2"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_mongodbatlas as mongodbatlas

test_database_user = mongodbatlas.DatabaseUser("testDatabaseUser",
    username="test-acc-username",
    password="test-acc-password",
    project_id="<PROJECT-ID>",
    auth_database_name="admin",
    roles=[
        mongodbatlas.DatabaseUserRoleArgs(
            role_name="readWrite",
            database_name="admin",
        ),
        mongodbatlas.DatabaseUserRoleArgs(
            role_name="atlasAdmin",
            database_name="admin",
        ),
    ],
    labels=[
        mongodbatlas.DatabaseUserLabelArgs(
            key="key 1",
            value="value 1",
        ),
        mongodbatlas.DatabaseUserLabelArgs(
            key="key 2",
            value="value 2",
        ),
    ])
test_database_users = test_database_user.project_id.apply(lambda project_id: mongodbatlas.get_database_users(project_id=project_id))
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const testDatabaseUser = new mongodbatlas.DatabaseUser("testDatabaseUser", {
    username: "test-acc-username",
    password: "test-acc-password",
    projectId: "<PROJECT-ID>",
    authDatabaseName: "admin",
    roles: [
        {
            roleName: "readWrite",
            databaseName: "admin",
        },
        {
            roleName: "atlasAdmin",
            databaseName: "admin",
        },
    ],
    labels: [
        {
            key: "key 1",
            value: "value 1",
        },
        {
            key: "key 2",
            value: "value 2",
        },
    ],
});
const testDatabaseUsers = testDatabaseUser.projectId.apply(projectId => mongodbatlas.getDatabaseUsers({
    projectId: projectId,
}));

Using getDatabaseUsers

function getDatabaseUsers(args: GetDatabaseUsersArgs, opts?: InvokeOptions): Promise<GetDatabaseUsersResult>
def get_database_users(project_id: Optional[str] = None,
                       opts: Optional[InvokeOptions] = None) -> GetDatabaseUsersResult
func GetDatabaseUsers(ctx *Context, args *GetDatabaseUsersArgs, opts ...InvokeOption) (*GetDatabaseUsersResult, error)

Note: This function is named GetDatabaseUsers in the Go SDK.

public static class GetDatabaseUsers {
    public static Task<GetDatabaseUsersResult> InvokeAsync(GetDatabaseUsersArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

ProjectId string
The unique ID for the project to get all database users.
ProjectId string
The unique ID for the project to get all database users.
projectId string
The unique ID for the project to get all database users.
project_id str
The unique ID for the project to get all database users.

getDatabaseUsers Result

The following output properties are available:

Id string
The provider-assigned unique ID for this managed resource.
ProjectId string
ID of the Atlas project the user belongs to.
Results List<GetDatabaseUsersResult>
A list where each represents a Database user.
Id string
The provider-assigned unique ID for this managed resource.
ProjectId string
ID of the Atlas project the user belongs to.
Results []GetDatabaseUsersResult
A list where each represents a Database user.
id string
The provider-assigned unique ID for this managed resource.
projectId string
ID of the Atlas project the user belongs to.
results GetDatabaseUsersResult[]
A list where each represents a Database user.
id str
The provider-assigned unique ID for this managed resource.
project_id str
ID of the Atlas project the user belongs to.
results Sequence[GetDatabaseUsersResult]
A list where each represents a Database user.

Supporting Types

GetDatabaseUsersResult

AuthDatabaseName string

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include:

  • admin if x509_type and aws_iam_type and ldap_auth_type are omitted or NONE.
  • $external if:
  • x509_type is MANAGED or CUSTOMER, or
  • aws_iam_type is USER or ROLE.
AwsIamType string
The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.
Labels List<GetDatabaseUsersResultLabel>
LdapAuthType string
Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.
ProjectId string
The unique ID for the project to get all database users.
Roles List<GetDatabaseUsersResultRole>
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
Scopes List<GetDatabaseUsersResultScope>
Array of clusters and Atlas Data Lakes that this user has access to.
Username string
Username for authenticating to MongoDB.
X509Type string
X.509 method by which the provided username is authenticated.
AuthDatabaseName string

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include:

  • admin if x509_type and aws_iam_type and ldap_auth_type are omitted or NONE.
  • $external if:
  • x509_type is MANAGED or CUSTOMER, or
  • aws_iam_type is USER or ROLE.
AwsIamType string
The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.
Labels []GetDatabaseUsersResultLabel
LdapAuthType string
Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.
ProjectId string
The unique ID for the project to get all database users.
Roles []GetDatabaseUsersResultRole
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
Scopes []GetDatabaseUsersResultScope
Array of clusters and Atlas Data Lakes that this user has access to.
Username string
Username for authenticating to MongoDB.
X509Type string
X.509 method by which the provided username is authenticated.
authDatabaseName string

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include:

  • admin if x509_type and aws_iam_type and ldap_auth_type are omitted or NONE.
  • $external if:
  • x509_type is MANAGED or CUSTOMER, or
  • aws_iam_type is USER or ROLE.
awsIamType string
The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.
labels GetDatabaseUsersResultLabel[]
ldapAuthType string
Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.
projectId string
The unique ID for the project to get all database users.
roles GetDatabaseUsersResultRole[]
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
scopes GetDatabaseUsersResultScope[]
Array of clusters and Atlas Data Lakes that this user has access to.
username string
Username for authenticating to MongoDB.
x509Type string
X.509 method by which the provided username is authenticated.
auth_database_name str

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include:

  • admin if x509_type and aws_iam_type and ldap_auth_type are omitted or NONE.
  • $external if:
  • x509_type is MANAGED or CUSTOMER, or
  • aws_iam_type is USER or ROLE.
aws_iam_type str
The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.
labels Sequence[GetDatabaseUsersResultLabel]
ldap_auth_type str
Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.
project_id str
The unique ID for the project to get all database users.
roles Sequence[GetDatabaseUsersResultRole]
List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.
scopes Sequence[GetDatabaseUsersResultScope]
Array of clusters and Atlas Data Lakes that this user has access to.
username str
Username for authenticating to MongoDB.
x509_type str
X.509 method by which the provided username is authenticated.

GetDatabaseUsersResultLabel

Key string
The key that you want to write.
Value string
The value that you want to write.
Key string
The key that you want to write.
Value string
The value that you want to write.
key string
The key that you want to write.
value string
The value that you want to write.
key str
The key that you want to write.
value str
The value that you want to write.

GetDatabaseUsersResultRole

CollectionName string
Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).
DatabaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.
RoleName string
CollectionName string
Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).
DatabaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.
RoleName string
collectionName string
Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).
databaseName string
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.
roleName string
collection_name str
Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).
database_name str
Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.
role_name str

GetDatabaseUsersResultScope

Name string
Name of the role to grant.
Type string
Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE
Name string
Name of the role to grant.
Type string
Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE
name string
Name of the role to grant.
type string
Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE
name str
Name of the role to grant.
type str
Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

Package Details

Repository
https://github.com/pulumi/pulumi-mongodbatlas
License
Apache-2.0
Notes
This Pulumi package is based on the mongodbatlas Terraform Provider.