Get started with Pulumi in a free one hour introductory workshop. Register Now

GetDatabaseUsers

mongodbatlas.getDatabaseUsers describe all Database Users. This represents a database user which will be applied to all clusters within the project.

Each user has a set of roles that provide access to the project’s databases. User’s roles apply to all the clusters in the project: if two clusters have a products database and a user has a role granting read access on the products database, the user has that access on both clusters.

NOTE: Groups and projects are synonymous terms. You may find groupId in the official documentation.

Example Usage

using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

class MyStack : Stack
{
    public MyStack()
    {
        var testDatabaseUser = new Mongodbatlas.DatabaseUser("testDatabaseUser", new Mongodbatlas.DatabaseUserArgs
        {
            Username = "test-acc-username",
            Password = "test-acc-password",
            ProjectId = "<PROJECT-ID>",
            AuthDatabaseName = "admin",
            Roles = 
            {
                new Mongodbatlas.Inputs.DatabaseUserRoleArgs
                {
                    RoleName = "readWrite",
                    DatabaseName = "admin",
                },
                new Mongodbatlas.Inputs.DatabaseUserRoleArgs
                {
                    RoleName = "atlasAdmin",
                    DatabaseName = "admin",
                },
            },
            Labels = 
            {
                new Mongodbatlas.Inputs.DatabaseUserLabelArgs
                {
                    Key = "key 1",
                    Value = "value 1",
                },
                new Mongodbatlas.Inputs.DatabaseUserLabelArgs
                {
                    Key = "key 2",
                    Value = "value 2",
                },
            },
        });
        var testDatabaseUsers = testDatabaseUser.ProjectId.Apply(projectId => Mongodbatlas.GetDatabaseUsers.InvokeAsync(new Mongodbatlas.GetDatabaseUsersArgs
        {
            ProjectId = projectId,
        }));
    }

}
package main

import (
    "github.com/pulumi/pulumi-mongodbatlas/sdk/go/mongodbatlas"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        testDatabaseUser, err := mongodbatlas.NewDatabaseUser(ctx, "testDatabaseUser", &mongodbatlas.DatabaseUserArgs{
            Username:         pulumi.String("test-acc-username"),
            Password:         pulumi.String("test-acc-password"),
            ProjectId:        pulumi.String("<PROJECT-ID>"),
            AuthDatabaseName: pulumi.String("admin"),
            Roles: mongodbatlas.DatabaseUserRoleArray{
                &mongodbatlas.DatabaseUserRoleArgs{
                    RoleName:     pulumi.String("readWrite"),
                    DatabaseName: pulumi.String("admin"),
                },
                &mongodbatlas.DatabaseUserRoleArgs{
                    RoleName:     pulumi.String("atlasAdmin"),
                    DatabaseName: pulumi.String("admin"),
                },
            },
            Labels: mongodbatlas.DatabaseUserLabelArray{
                &mongodbatlas.DatabaseUserLabelArgs{
                    Key:   pulumi.String("key 1"),
                    Value: pulumi.String("value 1"),
                },
                &mongodbatlas.DatabaseUserLabelArgs{
                    Key:   pulumi.String("key 2"),
                    Value: pulumi.String("value 2"),
                },
            },
        })
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_mongodbatlas as mongodbatlas

test_database_user = mongodbatlas.DatabaseUser("testDatabaseUser",
    username="test-acc-username",
    password="test-acc-password",
    project_id="<PROJECT-ID>",
    auth_database_name="admin",
    roles=[
        mongodbatlas.DatabaseUserRoleArgs(
            role_name="readWrite",
            database_name="admin",
        ),
        mongodbatlas.DatabaseUserRoleArgs(
            role_name="atlasAdmin",
            database_name="admin",
        ),
    ],
    labels=[
        mongodbatlas.DatabaseUserLabelArgs(
            key="key 1",
            value="value 1",
        ),
        mongodbatlas.DatabaseUserLabelArgs(
            key="key 2",
            value="value 2",
        ),
    ])
test_database_users = test_database_user.project_id.apply(lambda project_id: mongodbatlas.get_database_users(project_id=project_id))
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const testDatabaseUser = new mongodbatlas.DatabaseUser("testDatabaseUser", {
    username: "test-acc-username",
    password: "test-acc-password",
    projectId: "<PROJECT-ID>",
    authDatabaseName: "admin",
    roles: [
        {
            roleName: "readWrite",
            databaseName: "admin",
        },
        {
            roleName: "atlasAdmin",
            databaseName: "admin",
        },
    ],
    labels: [
        {
            key: "key 1",
            value: "value 1",
        },
        {
            key: "key 2",
            value: "value 2",
        },
    ],
});
const testDatabaseUsers = testDatabaseUser.projectId.apply(projectId => mongodbatlas.getDatabaseUsers({
    projectId: projectId,
}));

Using GetDatabaseUsers

function getDatabaseUsers(args: GetDatabaseUsersArgs, opts?: InvokeOptions): Promise<GetDatabaseUsersResult>
def get_database_users(project_id: Optional[str] = None, opts: Optional[InvokeOptions] = None) -> GetDatabaseUsersResult
func GetDatabaseUsers(ctx *Context, args *GetDatabaseUsersArgs, opts ...InvokeOption) (*GetDatabaseUsersResult, error)
public static class GetDatabaseUsers {
    public static Task<GetDatabaseUsersResult> InvokeAsync(GetDatabaseUsersArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

ProjectId string

The unique ID for the project to get all database users.

ProjectId string

The unique ID for the project to get all database users.

projectId string

The unique ID for the project to get all database users.

project_id str

The unique ID for the project to get all database users.

GetDatabaseUsers Result

The following output properties are available:

Id string

The provider-assigned unique ID for this managed resource.

ProjectId string

ID of the Atlas project the user belongs to.

Results List<GetDatabaseUsersResult>

A list where each represents a Database user.

Id string

The provider-assigned unique ID for this managed resource.

ProjectId string

ID of the Atlas project the user belongs to.

Results []GetDatabaseUsersResultType

A list where each represents a Database user.

id string

The provider-assigned unique ID for this managed resource.

projectId string

ID of the Atlas project the user belongs to.

results GetDatabaseUsersResult[]

A list where each represents a Database user.

id str

The provider-assigned unique ID for this managed resource.

project_id str

ID of the Atlas project the user belongs to.

results Sequence[GetDatabaseUsersResult]

A list where each represents a Database user.

Supporting Types

GetDatabaseUsersResult

See the output API doc for this type.

See the output API doc for this type.

See the output API doc for this type.

AuthDatabaseName string

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include: * admin if x509_type and aws_iam_type are omitted or NONE. * $external if: * x509_type is MANAGED or CUSTOMER, or * aws_iam_type is USER or ROLE.

AwsIamType string

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

Labels List<GetDatabaseUsersResultLabelArgs>
ProjectId string

The unique ID for the project to get all database users.

Roles List<GetDatabaseUsersResultRoleArgs>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

Scopes List<GetDatabaseUsersResultScopeArgs>

Array of clusters and Atlas Data Lakes that this user has access to.

Username string

Username for authenticating to MongoDB.

X509Type string

X.509 method by which the provided username is authenticated.

AuthDatabaseName string

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include: * admin if x509_type and aws_iam_type are omitted or NONE. * $external if: * x509_type is MANAGED or CUSTOMER, or * aws_iam_type is USER or ROLE.

AwsIamType string

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

Labels []GetDatabaseUsersResultLabel
ProjectId string

The unique ID for the project to get all database users.

Roles []GetDatabaseUsersResultRole

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

Scopes []GetDatabaseUsersResultScope

Array of clusters and Atlas Data Lakes that this user has access to.

Username string

Username for authenticating to MongoDB.

X509Type string

X.509 method by which the provided username is authenticated.

authDatabaseName string

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include: * admin if x509_type and aws_iam_type are omitted or NONE. * $external if: * x509_type is MANAGED or CUSTOMER, or * aws_iam_type is USER or ROLE.

awsIamType string

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

labels GetDatabaseUsersResultLabel[]
projectId string

The unique ID for the project to get all database users.

roles GetDatabaseUsersResultRole[]

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes GetDatabaseUsersResultScope[]

Array of clusters and Atlas Data Lakes that this user has access to.

username string

Username for authenticating to MongoDB.

x509Type string

X.509 method by which the provided username is authenticated.

auth_database_name str

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include: * admin if x509_type and aws_iam_type are omitted or NONE. * $external if: * x509_type is MANAGED or CUSTOMER, or * aws_iam_type is USER or ROLE.

aws_iam_type str

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

labels Sequence[GetDatabaseUsersResultLabelArgs]
project_id str

The unique ID for the project to get all database users.

roles Sequence[GetDatabaseUsersResultRoleArgs]

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes Sequence[GetDatabaseUsersResultScopeArgs]

Array of clusters and Atlas Data Lakes that this user has access to.

username str

Username for authenticating to MongoDB.

x509_type str

X.509 method by which the provided username is authenticated.

GetDatabaseUsersResultLabel

See the output API doc for this type.

See the output API doc for this type.

See the output API doc for this type.

Key string

The key that you want to write.

Value string

The value that you want to write.

Key string

The key that you want to write.

Value string

The value that you want to write.

key string

The key that you want to write.

value string

The value that you want to write.

key str

The key that you want to write.

value str

The value that you want to write.

GetDatabaseUsersResultRole

See the output API doc for this type.

See the output API doc for this type.

See the output API doc for this type.

CollectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

RoleName string
CollectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

RoleName string
collectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

databaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

roleName string
collection_name str

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

database_name str

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

role_name str

GetDatabaseUsersResultScope

See the output API doc for this type.

See the output API doc for this type.

See the output API doc for this type.

Name string

Name of the role to grant.

Type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

Name string

Name of the role to grant.

Type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name string

Name of the role to grant.

type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name str

Name of the role to grant.

type str

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

Package Details

Repository
https://github.com/pulumi/pulumi-mongodbatlas
License
Apache-2.0
Notes
This Pulumi package is based on the mongodbatlas Terraform Provider.