Ready to level-up your engineering skills? Join a Pulumi Workshop. Register Now

ProjectIpAccessList

mongodbatlas.ProjectIpAccessList provides an IP Access List entry resource. The access list grants access from IPs, CIDRs or AWS Security Groups (if VPC Peering is enabled) to clusters within the Project.

NOTE: Groups and projects are synonymous terms. You may find groupId in the official documentation.

IMPORTANT: When you remove an entry from the access list, existing connections from the removed address(es) may remain open for a variable amount of time. How much time passes before Atlas closes the connection depends on several factors, including how the connection was established, the particular behavior of the application or driver using the address, and the connection protocol (e.g., TCP or UDP). This is particularly important to consider when changing an existing IP address or CIDR block as they cannot be updated via the Provider (comments can however), hence a change will force the destruction and recreation of entries.

Example Usage

Using CIDR Block

using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

class MyStack : Stack
{
    public MyStack()
    {
        var test = new Mongodbatlas.ProjectIpAccessList("test", new Mongodbatlas.ProjectIpAccessListArgs
        {
            CidrBlock = "1.2.3.4/32",
            Comment = "cidr block for tf acc testing",
            ProjectId = "<PROJECT-ID>",
        });
    }

}
package main

import (
    "github.com/pulumi/pulumi-mongodbatlas/sdk/go/mongodbatlas"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := mongodbatlas.NewProjectIpAccessList(ctx, "test", &mongodbatlas.ProjectIpAccessListArgs{
            CidrBlock: pulumi.String("1.2.3.4/32"),
            Comment:   pulumi.String("cidr block for tf acc testing"),
            ProjectId: pulumi.String("<PROJECT-ID>"),
        })
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_mongodbatlas as mongodbatlas

test = mongodbatlas.ProjectIpAccessList("test",
    cidr_block="1.2.3.4/32",
    comment="cidr block for tf acc testing",
    project_id="<PROJECT-ID>")
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const test = new mongodbatlas.ProjectIpAccessList("test", {
    cidrBlock: "1.2.3.4/32",
    comment: "cidr block for tf acc testing",
    projectId: "<PROJECT-ID>",
});

Using IP Address

using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

class MyStack : Stack
{
    public MyStack()
    {
        var test = new Mongodbatlas.ProjectIpAccessList("test", new Mongodbatlas.ProjectIpAccessListArgs
        {
            Comment = "ip address for tf acc testing",
            IpAddress = "2.3.4.5",
            ProjectId = "<PROJECT-ID>",
        });
    }

}
package main

import (
    "github.com/pulumi/pulumi-mongodbatlas/sdk/go/mongodbatlas"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := mongodbatlas.NewProjectIpAccessList(ctx, "test", &mongodbatlas.ProjectIpAccessListArgs{
            Comment:   pulumi.String("ip address for tf acc testing"),
            IpAddress: pulumi.String("2.3.4.5"),
            ProjectId: pulumi.String("<PROJECT-ID>"),
        })
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_mongodbatlas as mongodbatlas

test = mongodbatlas.ProjectIpAccessList("test",
    comment="ip address for tf acc testing",
    ip_address="2.3.4.5",
    project_id="<PROJECT-ID>")
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const test = new mongodbatlas.ProjectIpAccessList("test", {
    comment: "ip address for tf acc testing",
    ipAddress: "2.3.4.5",
    projectId: "<PROJECT-ID>",
});

Using an AWS Security Group

using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

class MyStack : Stack
{
    public MyStack()
    {
        var testNetworkContainer = new Mongodbatlas.NetworkContainer("testNetworkContainer", new Mongodbatlas.NetworkContainerArgs
        {
            ProjectId = "<PROJECT-ID>",
            AtlasCidrBlock = "192.168.208.0/21",
            ProviderName = "AWS",
            RegionName = "US_EAST_1",
        });
        var testNetworkPeering = new Mongodbatlas.NetworkPeering("testNetworkPeering", new Mongodbatlas.NetworkPeeringArgs
        {
            ProjectId = "<PROJECT-ID>",
            ContainerId = testNetworkContainer.ContainerId,
            AccepterRegionName = "us-east-1",
            ProviderName = "AWS",
            RouteTableCidrBlock = "172.31.0.0/16",
            VpcId = "vpc-0d93d6f69f1578bd8",
            AwsAccountId = "232589400519",
        });
        var testProjectIpAccessList = new Mongodbatlas.ProjectIpAccessList("testProjectIpAccessList", new Mongodbatlas.ProjectIpAccessListArgs
        {
            ProjectId = "<PROJECT-ID>",
            AwsSecurityGroup = "sg-0026348ec11780bd1",
            Comment = "TestAcc for awsSecurityGroup",
        }, new CustomResourceOptions
        {
            DependsOn = 
            {
                "mongodbatlas_network_peering.test",
            },
        });
    }

}
package main

import (
    "github.com/pulumi/pulumi-mongodbatlas/sdk/go/mongodbatlas"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        testNetworkContainer, err := mongodbatlas.NewNetworkContainer(ctx, "testNetworkContainer", &mongodbatlas.NetworkContainerArgs{
            ProjectId:      pulumi.String("<PROJECT-ID>"),
            AtlasCidrBlock: pulumi.String("192.168.208.0/21"),
            ProviderName:   pulumi.String("AWS"),
            RegionName:     pulumi.String("US_EAST_1"),
        })
        if err != nil {
            return err
        }
        _, err = mongodbatlas.NewNetworkPeering(ctx, "testNetworkPeering", &mongodbatlas.NetworkPeeringArgs{
            ProjectId:           pulumi.String("<PROJECT-ID>"),
            ContainerId:         testNetworkContainer.ContainerId,
            AccepterRegionName:  pulumi.String("us-east-1"),
            ProviderName:        pulumi.String("AWS"),
            RouteTableCidrBlock: pulumi.String("172.31.0.0/16"),
            VpcId:               pulumi.String("vpc-0d93d6f69f1578bd8"),
            AwsAccountId:        pulumi.String("232589400519"),
        })
        if err != nil {
            return err
        }
        _, err = mongodbatlas.NewProjectIpAccessList(ctx, "testProjectIpAccessList", &mongodbatlas.ProjectIpAccessListArgs{
            ProjectId:        pulumi.String("<PROJECT-ID>"),
            AwsSecurityGroup: pulumi.String("sg-0026348ec11780bd1"),
            Comment:          pulumi.String("TestAcc for awsSecurityGroup"),
        }, pulumi.DependsOn([]pulumi.Resource{
            "mongodbatlas_network_peering.test",
        }))
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_mongodbatlas as mongodbatlas

test_network_container = mongodbatlas.NetworkContainer("testNetworkContainer",
    project_id="<PROJECT-ID>",
    atlas_cidr_block="192.168.208.0/21",
    provider_name="AWS",
    region_name="US_EAST_1")
test_network_peering = mongodbatlas.NetworkPeering("testNetworkPeering",
    project_id="<PROJECT-ID>",
    container_id=test_network_container.container_id,
    accepter_region_name="us-east-1",
    provider_name="AWS",
    route_table_cidr_block="172.31.0.0/16",
    vpc_id="vpc-0d93d6f69f1578bd8",
    aws_account_id="232589400519")
test_project_ip_access_list = mongodbatlas.ProjectIpAccessList("testProjectIpAccessList",
    project_id="<PROJECT-ID>",
    aws_security_group="sg-0026348ec11780bd1",
    comment="TestAcc for awsSecurityGroup",
    opts=pulumi.ResourceOptions(depends_on=["mongodbatlas_network_peering.test"]))
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const testNetworkContainer = new mongodbatlas.NetworkContainer("testNetworkContainer", {
    projectId: "<PROJECT-ID>",
    atlasCidrBlock: "192.168.208.0/21",
    providerName: "AWS",
    regionName: "US_EAST_1",
});
const testNetworkPeering = new mongodbatlas.NetworkPeering("testNetworkPeering", {
    projectId: "<PROJECT-ID>",
    containerId: testNetworkContainer.containerId,
    accepterRegionName: "us-east-1",
    providerName: "AWS",
    routeTableCidrBlock: "172.31.0.0/16",
    vpcId: "vpc-0d93d6f69f1578bd8",
    awsAccountId: "232589400519",
});
const testProjectIpAccessList = new mongodbatlas.ProjectIpAccessList("testProjectIpAccessList", {
    projectId: "<PROJECT-ID>",
    awsSecurityGroup: "sg-0026348ec11780bd1",
    comment: "TestAcc for awsSecurityGroup",
}, {
    dependsOn: ["mongodbatlas_network_peering.test"],
});

Create a ProjectIpAccessList Resource

new ProjectIpAccessList(name: string, args: ProjectIpAccessListArgs, opts?: CustomResourceOptions);
def ProjectIpAccessList(resource_name: str, opts: Optional[ResourceOptions] = None, aws_security_group: Optional[str] = None, cidr_block: Optional[str] = None, comment: Optional[str] = None, ip_address: Optional[str] = None, project_id: Optional[str] = None)
func NewProjectIpAccessList(ctx *Context, name string, args ProjectIpAccessListArgs, opts ...ResourceOption) (*ProjectIpAccessList, error)
public ProjectIpAccessList(string name, ProjectIpAccessListArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args ProjectIpAccessListArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ProjectIpAccessListArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ProjectIpAccessListArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

ProjectIpAccessList Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The ProjectIpAccessList resource accepts the following input properties:

ProjectId string

Unique identifier for the project to which you want to add one or more access list entries.

AwsSecurityGroup string

Unique identifier of the AWS security group to add to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

CidrBlock string

Range of IP addresses in CIDR notation to be added to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

Comment string

Comment to add to the access list entry.

IpAddress string

Single IP address to be added to the access list. Mutually exclusive with awsSecurityGroup and cidrBlock.

ProjectId string

Unique identifier for the project to which you want to add one or more access list entries.

AwsSecurityGroup string

Unique identifier of the AWS security group to add to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

CidrBlock string

Range of IP addresses in CIDR notation to be added to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

Comment string

Comment to add to the access list entry.

IpAddress string

Single IP address to be added to the access list. Mutually exclusive with awsSecurityGroup and cidrBlock.

projectId string

Unique identifier for the project to which you want to add one or more access list entries.

awsSecurityGroup string

Unique identifier of the AWS security group to add to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

cidrBlock string

Range of IP addresses in CIDR notation to be added to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

comment string

Comment to add to the access list entry.

ipAddress string

Single IP address to be added to the access list. Mutually exclusive with awsSecurityGroup and cidrBlock.

project_id str

Unique identifier for the project to which you want to add one or more access list entries.

aws_security_group str

Unique identifier of the AWS security group to add to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

cidr_block str

Range of IP addresses in CIDR notation to be added to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

comment str

Comment to add to the access list entry.

ip_address str

Single IP address to be added to the access list. Mutually exclusive with awsSecurityGroup and cidrBlock.

Outputs

All input properties are implicitly available as output properties. Additionally, the ProjectIpAccessList resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing ProjectIpAccessList Resource

Get an existing ProjectIpAccessList resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ProjectIpAccessListState, opts?: CustomResourceOptions): ProjectIpAccessList
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, aws_security_group: Optional[str] = None, cidr_block: Optional[str] = None, comment: Optional[str] = None, ip_address: Optional[str] = None, project_id: Optional[str] = None) -> ProjectIpAccessList
func GetProjectIpAccessList(ctx *Context, name string, id IDInput, state *ProjectIpAccessListState, opts ...ResourceOption) (*ProjectIpAccessList, error)
public static ProjectIpAccessList Get(string name, Input<string> id, ProjectIpAccessListState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AwsSecurityGroup string

Unique identifier of the AWS security group to add to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

CidrBlock string

Range of IP addresses in CIDR notation to be added to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

Comment string

Comment to add to the access list entry.

IpAddress string

Single IP address to be added to the access list. Mutually exclusive with awsSecurityGroup and cidrBlock.

ProjectId string

Unique identifier for the project to which you want to add one or more access list entries.

AwsSecurityGroup string

Unique identifier of the AWS security group to add to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

CidrBlock string

Range of IP addresses in CIDR notation to be added to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

Comment string

Comment to add to the access list entry.

IpAddress string

Single IP address to be added to the access list. Mutually exclusive with awsSecurityGroup and cidrBlock.

ProjectId string

Unique identifier for the project to which you want to add one or more access list entries.

awsSecurityGroup string

Unique identifier of the AWS security group to add to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

cidrBlock string

Range of IP addresses in CIDR notation to be added to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

comment string

Comment to add to the access list entry.

ipAddress string

Single IP address to be added to the access list. Mutually exclusive with awsSecurityGroup and cidrBlock.

projectId string

Unique identifier for the project to which you want to add one or more access list entries.

aws_security_group str

Unique identifier of the AWS security group to add to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

cidr_block str

Range of IP addresses in CIDR notation to be added to the access list. Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

comment str

Comment to add to the access list entry.

ip_address str

Single IP address to be added to the access list. Mutually exclusive with awsSecurityGroup and cidrBlock.

project_id str

Unique identifier for the project to which you want to add one or more access list entries.

Import

IP Access List entries can be imported using the project_id and cidr_block or ip_address, e.g.

 $ pulumi import mongodbatlas:index/projectIpAccessList:ProjectIpAccessList test 5d0f1f74cf09a29120e123cd-10.242.88.0/21

For more information seeMongoDB Atlas API Reference.

Package Details

Repository
https://github.com/pulumi/pulumi-mongodbatlas
License
Apache-2.0
Notes
This Pulumi package is based on the mongodbatlas Terraform Provider.