mongodbatlas.CloudProviderAccessSetup

MongoDB Atlas v4.0.0, Dec 30 25

MongoDB Atlas v4.0.0 published on Tuesday, Dec 30, 2025 by Pulumi

Schema (JSON)

pulumi/pulumi-mongodbatlas

MongoDB Atlas v4.0.0 published on Tuesday, Dec 30, 2025 by Pulumi

Schema (JSON)

pulumi/pulumi-mongodbatlas

Example Usage

With AWS

import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const testRole = new mongodbatlas.CloudProviderAccessSetup("test_role", {
    projectId: "64259ee860c43338194b0f8e",
    providerName: "AWS",
});

import pulumi
import pulumi_mongodbatlas as mongodbatlas

test_role = mongodbatlas.CloudProviderAccessSetup("test_role",
    project_id="64259ee860c43338194b0f8e",
    provider_name="AWS")

package main

import (
	"github.com/pulumi/pulumi-mongodbatlas/sdk/v4/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := mongodbatlas.NewCloudProviderAccessSetup(ctx, "test_role", &mongodbatlas.CloudProviderAccessSetupArgs{
			ProjectId:    pulumi.String("64259ee860c43338194b0f8e"),
			ProviderName: pulumi.String("AWS"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

return await Deployment.RunAsync(() => 
{
    var testRole = new Mongodbatlas.CloudProviderAccessSetup("test_role", new()
    {
        ProjectId = "64259ee860c43338194b0f8e",
        ProviderName = "AWS",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.CloudProviderAccessSetup;
import com.pulumi.mongodbatlas.CloudProviderAccessSetupArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testRole = new CloudProviderAccessSetup("testRole", CloudProviderAccessSetupArgs.builder()
            .projectId("64259ee860c43338194b0f8e")
            .providerName("AWS")
            .build());

    }
}

resources:
  testRole:
    type: mongodbatlas:CloudProviderAccessSetup
    name: test_role
    properties:
      projectId: 64259ee860c43338194b0f8e
      providerName: AWS

With Azure

import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const testRole = new mongodbatlas.CloudProviderAccessSetup("test_role", {
    projectId: "64259ee860c43338194b0f8e",
    providerName: "AZURE",
    azureConfigs: [{
        atlasAzureAppId: "9f2deb0d-be22-4524-a403-df531868bac0",
        servicePrincipalId: "22f1d2a6-d0e9-482a-83a4-b8dd7dddc2c1",
        tenantId: "91402384-d71e-22f5-22dd-759e272cdc1c",
    }],
});

import pulumi
import pulumi_mongodbatlas as mongodbatlas

test_role = mongodbatlas.CloudProviderAccessSetup("test_role",
    project_id="64259ee860c43338194b0f8e",
    provider_name="AZURE",
    azure_configs=[{
        "atlas_azure_app_id": "9f2deb0d-be22-4524-a403-df531868bac0",
        "service_principal_id": "22f1d2a6-d0e9-482a-83a4-b8dd7dddc2c1",
        "tenant_id": "91402384-d71e-22f5-22dd-759e272cdc1c",
    }])

package main

import (
	"github.com/pulumi/pulumi-mongodbatlas/sdk/v4/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := mongodbatlas.NewCloudProviderAccessSetup(ctx, "test_role", &mongodbatlas.CloudProviderAccessSetupArgs{
			ProjectId:    pulumi.String("64259ee860c43338194b0f8e"),
			ProviderName: pulumi.String("AZURE"),
			AzureConfigs: mongodbatlas.CloudProviderAccessSetupAzureConfigArray{
				&mongodbatlas.CloudProviderAccessSetupAzureConfigArgs{
					AtlasAzureAppId:    pulumi.String("9f2deb0d-be22-4524-a403-df531868bac0"),
					ServicePrincipalId: pulumi.String("22f1d2a6-d0e9-482a-83a4-b8dd7dddc2c1"),
					TenantId:           pulumi.String("91402384-d71e-22f5-22dd-759e272cdc1c"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

return await Deployment.RunAsync(() => 
{
    var testRole = new Mongodbatlas.CloudProviderAccessSetup("test_role", new()
    {
        ProjectId = "64259ee860c43338194b0f8e",
        ProviderName = "AZURE",
        AzureConfigs = new[]
        {
            new Mongodbatlas.Inputs.CloudProviderAccessSetupAzureConfigArgs
            {
                AtlasAzureAppId = "9f2deb0d-be22-4524-a403-df531868bac0",
                ServicePrincipalId = "22f1d2a6-d0e9-482a-83a4-b8dd7dddc2c1",
                TenantId = "91402384-d71e-22f5-22dd-759e272cdc1c",
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.CloudProviderAccessSetup;
import com.pulumi.mongodbatlas.CloudProviderAccessSetupArgs;
import com.pulumi.mongodbatlas.inputs.CloudProviderAccessSetupAzureConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testRole = new CloudProviderAccessSetup("testRole", CloudProviderAccessSetupArgs.builder()
            .projectId("64259ee860c43338194b0f8e")
            .providerName("AZURE")
            .azureConfigs(CloudProviderAccessSetupAzureConfigArgs.builder()
                .atlasAzureAppId("9f2deb0d-be22-4524-a403-df531868bac0")
                .servicePrincipalId("22f1d2a6-d0e9-482a-83a4-b8dd7dddc2c1")
                .tenantId("91402384-d71e-22f5-22dd-759e272cdc1c")
                .build())
            .build());

    }
}

resources:
  testRole:
    type: mongodbatlas:CloudProviderAccessSetup
    name: test_role
    properties:
      projectId: 64259ee860c43338194b0f8e
      providerName: AZURE
      azureConfigs:
        - atlasAzureAppId: 9f2deb0d-be22-4524-a403-df531868bac0
          servicePrincipalId: 22f1d2a6-d0e9-482a-83a4-b8dd7dddc2c1
          tenantId: 91402384-d71e-22f5-22dd-759e272cdc1c

With GCP

import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const testRole = new mongodbatlas.CloudProviderAccessSetup("test_role", {
    projectId: "64259ee860c43338194b0f8e",
    providerName: "GCP",
});

import pulumi
import pulumi_mongodbatlas as mongodbatlas

test_role = mongodbatlas.CloudProviderAccessSetup("test_role",
    project_id="64259ee860c43338194b0f8e",
    provider_name="GCP")

package main

import (
	"github.com/pulumi/pulumi-mongodbatlas/sdk/v4/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := mongodbatlas.NewCloudProviderAccessSetup(ctx, "test_role", &mongodbatlas.CloudProviderAccessSetupArgs{
			ProjectId:    pulumi.String("64259ee860c43338194b0f8e"),
			ProviderName: pulumi.String("GCP"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

return await Deployment.RunAsync(() => 
{
    var testRole = new Mongodbatlas.CloudProviderAccessSetup("test_role", new()
    {
        ProjectId = "64259ee860c43338194b0f8e",
        ProviderName = "GCP",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.CloudProviderAccessSetup;
import com.pulumi.mongodbatlas.CloudProviderAccessSetupArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testRole = new CloudProviderAccessSetup("testRole", CloudProviderAccessSetupArgs.builder()
            .projectId("64259ee860c43338194b0f8e")
            .providerName("GCP")
            .build());

    }
}

resources:
  testRole:
    type: mongodbatlas:CloudProviderAccessSetup
    name: test_role
    properties:
      projectId: 64259ee860c43338194b0f8e
      providerName: GCP

Further Examples

AWS Cloud Provider Access
Azure Cloud Provider Access
GCP Cloud Provider Access

Create CloudProviderAccessSetup Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new CloudProviderAccessSetup(name: string, args: CloudProviderAccessSetupArgs, opts?: CustomResourceOptions);

@overload
def CloudProviderAccessSetup(resource_name: str,
                             args: CloudProviderAccessSetupArgs,
                             opts: Optional[ResourceOptions] = None)

@overload
def CloudProviderAccessSetup(resource_name: str,
                             opts: Optional[ResourceOptions] = None,
                             project_id: Optional[str] = None,
                             provider_name: Optional[str] = None,
                             azure_configs: Optional[Sequence[CloudProviderAccessSetupAzureConfigArgs]] = None,
                             delete_on_create_timeout: Optional[bool] = None)

func NewCloudProviderAccessSetup(ctx *Context, name string, args CloudProviderAccessSetupArgs, opts ...ResourceOption) (*CloudProviderAccessSetup, error)

public CloudProviderAccessSetup(string name, CloudProviderAccessSetupArgs args, CustomResourceOptions? opts = null)

public CloudProviderAccessSetup(String name, CloudProviderAccessSetupArgs args)
public CloudProviderAccessSetup(String name, CloudProviderAccessSetupArgs args, CustomResourceOptions options)

type: mongodbatlas:CloudProviderAccessSetup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args CloudProviderAccessSetupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args CloudProviderAccessSetupArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args CloudProviderAccessSetupArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args CloudProviderAccessSetupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args CloudProviderAccessSetupArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var cloudProviderAccessSetupResource = new Mongodbatlas.CloudProviderAccessSetup("cloudProviderAccessSetupResource", new()
{
    ProjectId = "string",
    ProviderName = "string",
    AzureConfigs = new[]
    {
        new Mongodbatlas.Inputs.CloudProviderAccessSetupAzureConfigArgs
        {
            AtlasAzureAppId = "string",
            ServicePrincipalId = "string",
            TenantId = "string",
        },
    },
    DeleteOnCreateTimeout = false,
});

example, err := mongodbatlas.NewCloudProviderAccessSetup(ctx, "cloudProviderAccessSetupResource", &mongodbatlas.CloudProviderAccessSetupArgs{
	ProjectId:    pulumi.String("string"),
	ProviderName: pulumi.String("string"),
	AzureConfigs: mongodbatlas.CloudProviderAccessSetupAzureConfigArray{
		&mongodbatlas.CloudProviderAccessSetupAzureConfigArgs{
			AtlasAzureAppId:    pulumi.String("string"),
			ServicePrincipalId: pulumi.String("string"),
			TenantId:           pulumi.String("string"),
		},
	},
	DeleteOnCreateTimeout: pulumi.Bool(false),
})

var cloudProviderAccessSetupResource = new CloudProviderAccessSetup("cloudProviderAccessSetupResource", CloudProviderAccessSetupArgs.builder()
    .projectId("string")
    .providerName("string")
    .azureConfigs(CloudProviderAccessSetupAzureConfigArgs.builder()
        .atlasAzureAppId("string")
        .servicePrincipalId("string")
        .tenantId("string")
        .build())
    .deleteOnCreateTimeout(false)
    .build());

cloud_provider_access_setup_resource = mongodbatlas.CloudProviderAccessSetup("cloudProviderAccessSetupResource",
    project_id="string",
    provider_name="string",
    azure_configs=[{
        "atlas_azure_app_id": "string",
        "service_principal_id": "string",
        "tenant_id": "string",
    }],
    delete_on_create_timeout=False)

const cloudProviderAccessSetupResource = new mongodbatlas.CloudProviderAccessSetup("cloudProviderAccessSetupResource", {
    projectId: "string",
    providerName: "string",
    azureConfigs: [{
        atlasAzureAppId: "string",
        servicePrincipalId: "string",
        tenantId: "string",
    }],
    deleteOnCreateTimeout: false,
});

type: mongodbatlas:CloudProviderAccessSetup
properties:
    azureConfigs:
        - atlasAzureAppId: string
          servicePrincipalId: string
          tenantId: string
    deleteOnCreateTimeout: false
    projectId: string
    providerName: string

CloudProviderAccessSetup Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The CloudProviderAccessSetup resource accepts the following input properties:

ProjectId string: The unique ID for the project
ProviderName string: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
AzureConfigs List<CloudProviderAccessSetupAzureConfig>: azure related configurations
DeleteOnCreateTimeout bool: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.

ProjectId string: The unique ID for the project
ProviderName string: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
AzureConfigs []CloudProviderAccessSetupAzureConfigArgs: azure related configurations
DeleteOnCreateTimeout bool: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.

projectId String: The unique ID for the project
providerName String: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
azureConfigs List<CloudProviderAccessSetupAzureConfig>: azure related configurations
deleteOnCreateTimeout Boolean: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.

projectId string: The unique ID for the project
providerName string: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
azureConfigs CloudProviderAccessSetupAzureConfig[]: azure related configurations
deleteOnCreateTimeout boolean: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.

project_id str: The unique ID for the project
provider_name str: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
azure_configs Sequence[CloudProviderAccessSetupAzureConfigArgs]: azure related configurations
delete_on_create_timeout bool: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.

projectId String: The unique ID for the project
providerName String: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
azureConfigs List<Property Map>: azure related configurations
deleteOnCreateTimeout Boolean: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.

Outputs

All input properties are implicitly available as output properties. Additionally, the CloudProviderAccessSetup resource produces the following output properties:

AwsConfigs List<CloudProviderAccessSetupAwsConfig>: aws related arn roles
CreatedDate string: Date on which this role was created.
GcpConfigs List<CloudProviderAccessSetupGcpConfig>: gcp related configuration
Id string: The provider-assigned unique ID for this managed resource.
LastUpdatedDate string: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
RoleId string: Unique ID of this role.

AwsConfigs []CloudProviderAccessSetupAwsConfig: aws related arn roles
CreatedDate string: Date on which this role was created.
GcpConfigs []CloudProviderAccessSetupGcpConfig: gcp related configuration
Id string: The provider-assigned unique ID for this managed resource.
LastUpdatedDate string: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
RoleId string: Unique ID of this role.

awsConfigs List<CloudProviderAccessSetupAwsConfig>: aws related arn roles
createdDate String: Date on which this role was created.
gcpConfigs List<CloudProviderAccessSetupGcpConfig>: gcp related configuration
id String: The provider-assigned unique ID for this managed resource.
lastUpdatedDate String: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
roleId String: Unique ID of this role.

awsConfigs CloudProviderAccessSetupAwsConfig[]: aws related arn roles
createdDate string: Date on which this role was created.
gcpConfigs CloudProviderAccessSetupGcpConfig[]: gcp related configuration
id string: The provider-assigned unique ID for this managed resource.
lastUpdatedDate string: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
roleId string: Unique ID of this role.

aws_configs Sequence[CloudProviderAccessSetupAwsConfig]: aws related arn roles
created_date str: Date on which this role was created.
gcp_configs Sequence[CloudProviderAccessSetupGcpConfig]: gcp related configuration
id str: The provider-assigned unique ID for this managed resource.
last_updated_date str: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
role_id str: Unique ID of this role.

awsConfigs List<Property Map>: aws related arn roles
createdDate String: Date on which this role was created.
gcpConfigs List<Property Map>: gcp related configuration
id String: The provider-assigned unique ID for this managed resource.
lastUpdatedDate String: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
roleId String: Unique ID of this role.

Look up Existing CloudProviderAccessSetup Resource

Get an existing CloudProviderAccessSetup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CloudProviderAccessSetupState, opts?: CustomResourceOptions): CloudProviderAccessSetup

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        aws_configs: Optional[Sequence[CloudProviderAccessSetupAwsConfigArgs]] = None,
        azure_configs: Optional[Sequence[CloudProviderAccessSetupAzureConfigArgs]] = None,
        created_date: Optional[str] = None,
        delete_on_create_timeout: Optional[bool] = None,
        gcp_configs: Optional[Sequence[CloudProviderAccessSetupGcpConfigArgs]] = None,
        last_updated_date: Optional[str] = None,
        project_id: Optional[str] = None,
        provider_name: Optional[str] = None,
        role_id: Optional[str] = None) -> CloudProviderAccessSetup

func GetCloudProviderAccessSetup(ctx *Context, name string, id IDInput, state *CloudProviderAccessSetupState, opts ...ResourceOption) (*CloudProviderAccessSetup, error)

public static CloudProviderAccessSetup Get(string name, Input<string> id, CloudProviderAccessSetupState? state, CustomResourceOptions? opts = null)

public static CloudProviderAccessSetup get(String name, Output<String> id, CloudProviderAccessSetupState state, CustomResourceOptions options)

resources:  _:    type: mongodbatlas:CloudProviderAccessSetup    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AwsConfigs List<CloudProviderAccessSetupAwsConfig>: aws related arn roles
AzureConfigs List<CloudProviderAccessSetupAzureConfig>: azure related configurations
CreatedDate string: Date on which this role was created.
DeleteOnCreateTimeout bool: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.
GcpConfigs List<CloudProviderAccessSetupGcpConfig>: gcp related configuration
LastUpdatedDate string: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
ProjectId string: The unique ID for the project
ProviderName string: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
RoleId string: Unique ID of this role.

AwsConfigs []CloudProviderAccessSetupAwsConfigArgs: aws related arn roles
AzureConfigs []CloudProviderAccessSetupAzureConfigArgs: azure related configurations
CreatedDate string: Date on which this role was created.
DeleteOnCreateTimeout bool: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.
GcpConfigs []CloudProviderAccessSetupGcpConfigArgs: gcp related configuration
LastUpdatedDate string: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
ProjectId string: The unique ID for the project
ProviderName string: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
RoleId string: Unique ID of this role.

awsConfigs List<CloudProviderAccessSetupAwsConfig>: aws related arn roles
azureConfigs List<CloudProviderAccessSetupAzureConfig>: azure related configurations
createdDate String: Date on which this role was created.
deleteOnCreateTimeout Boolean: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.
gcpConfigs List<CloudProviderAccessSetupGcpConfig>: gcp related configuration
lastUpdatedDate String: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
projectId String: The unique ID for the project
providerName String: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
roleId String: Unique ID of this role.

awsConfigs CloudProviderAccessSetupAwsConfig[]: aws related arn roles
azureConfigs CloudProviderAccessSetupAzureConfig[]: azure related configurations
createdDate string: Date on which this role was created.
deleteOnCreateTimeout boolean: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.
gcpConfigs CloudProviderAccessSetupGcpConfig[]: gcp related configuration
lastUpdatedDate string: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
projectId string: The unique ID for the project
providerName string: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
roleId string: Unique ID of this role.

aws_configs Sequence[CloudProviderAccessSetupAwsConfigArgs]: aws related arn roles
azure_configs Sequence[CloudProviderAccessSetupAzureConfigArgs]: azure related configurations
created_date str: Date on which this role was created.
delete_on_create_timeout bool: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.
gcp_configs Sequence[CloudProviderAccessSetupGcpConfigArgs]: gcp related configuration
last_updated_date str: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
project_id str: The unique ID for the project
provider_name str: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
role_id str: Unique ID of this role.

awsConfigs List<Property Map>: aws related arn roles
azureConfigs List<Property Map>: azure related configurations
createdDate String: Date on which this role was created.
deleteOnCreateTimeout Boolean: Indicates whether to delete the resource being created if a timeout is reached when waiting for completion. When set to true and timeout occurs, it triggers the deletion and returns immediately without waiting for deletion to complete. When set to false, the timeout will not trigger resource deletion. If you suspect a transient error when the value is true, wait before retrying to allow resource deletion to finish. Default is true.
gcpConfigs List<Property Map>: gcp related configuration
lastUpdatedDate String: Date and time when this Azure Service Principal was last updated. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
projectId String: The unique ID for the project
providerName String: The cloud provider for which to create a new role. Currently, AWS, AZURE and GCP are supported. WARNING Changing the provider_name will result in destruction of the existing resource and the creation of a new resource.
roleId String: Unique ID of this role.

Supporting Types

CloudProviderAccessSetupAwsConfig, CloudProviderAccessSetupAwsConfigArgs

AtlasAssumedRoleExternalId string: Unique external ID Atlas uses when assuming the IAM role in your AWS account.
AtlasAwsAccountArn string: ARN associated with the Atlas AWS account used to assume IAM roles in your AWS account.

AtlasAssumedRoleExternalId string: Unique external ID Atlas uses when assuming the IAM role in your AWS account.
AtlasAwsAccountArn string: ARN associated with the Atlas AWS account used to assume IAM roles in your AWS account.

atlasAssumedRoleExternalId String: Unique external ID Atlas uses when assuming the IAM role in your AWS account.
atlasAwsAccountArn String: ARN associated with the Atlas AWS account used to assume IAM roles in your AWS account.

atlasAssumedRoleExternalId string: Unique external ID Atlas uses when assuming the IAM role in your AWS account.
atlasAwsAccountArn string: ARN associated with the Atlas AWS account used to assume IAM roles in your AWS account.

atlas_assumed_role_external_id str: Unique external ID Atlas uses when assuming the IAM role in your AWS account.
atlas_aws_account_arn str: ARN associated with the Atlas AWS account used to assume IAM roles in your AWS account.

atlasAssumedRoleExternalId String: Unique external ID Atlas uses when assuming the IAM role in your AWS account.
atlasAwsAccountArn String: ARN associated with the Atlas AWS account used to assume IAM roles in your AWS account.

CloudProviderAccessSetupAzureConfig, CloudProviderAccessSetupAzureConfigArgs

AtlasAzureAppId string: Azure Active Directory Application ID of Atlas. This property is required when provider_name = "AZURE".
ServicePrincipalId string: UUID string that identifies the Azure Service Principal. This property is required when provider_name = "AZURE".
TenantId string: UUID String that identifies the Azure Active Directory Tenant ID. This property is required when provider_name = "AZURE".

AtlasAzureAppId string: Azure Active Directory Application ID of Atlas. This property is required when provider_name = "AZURE".
ServicePrincipalId string: UUID string that identifies the Azure Service Principal. This property is required when provider_name = "AZURE".
TenantId string: UUID String that identifies the Azure Active Directory Tenant ID. This property is required when provider_name = "AZURE".

atlasAzureAppId String: Azure Active Directory Application ID of Atlas. This property is required when provider_name = "AZURE".
servicePrincipalId String: UUID string that identifies the Azure Service Principal. This property is required when provider_name = "AZURE".
tenantId String: UUID String that identifies the Azure Active Directory Tenant ID. This property is required when provider_name = "AZURE".

atlasAzureAppId string: Azure Active Directory Application ID of Atlas. This property is required when provider_name = "AZURE".
servicePrincipalId string: UUID string that identifies the Azure Service Principal. This property is required when provider_name = "AZURE".
tenantId string: UUID String that identifies the Azure Active Directory Tenant ID. This property is required when provider_name = "AZURE".

atlas_azure_app_id str: Azure Active Directory Application ID of Atlas. This property is required when provider_name = "AZURE".
service_principal_id str: UUID string that identifies the Azure Service Principal. This property is required when provider_name = "AZURE".
tenant_id str: UUID String that identifies the Azure Active Directory Tenant ID. This property is required when provider_name = "AZURE".

atlasAzureAppId String: Azure Active Directory Application ID of Atlas. This property is required when provider_name = "AZURE".
servicePrincipalId String: UUID string that identifies the Azure Service Principal. This property is required when provider_name = "AZURE".
tenantId String: UUID String that identifies the Azure Active Directory Tenant ID. This property is required when provider_name = "AZURE".

CloudProviderAccessSetupGcpConfig, CloudProviderAccessSetupGcpConfigArgs

ServiceAccountForAtlas string: The GCP service account email that Atlas uses.
Status string: The status of the GCP cloud provider access setup. See MongoDB Atlas API.

ServiceAccountForAtlas string: The GCP service account email that Atlas uses.
Status string: The status of the GCP cloud provider access setup. See MongoDB Atlas API.

serviceAccountForAtlas String: The GCP service account email that Atlas uses.
status String: The status of the GCP cloud provider access setup. See MongoDB Atlas API.

serviceAccountForAtlas string: The GCP service account email that Atlas uses.
status string: The status of the GCP cloud provider access setup. See MongoDB Atlas API.

service_account_for_atlas str: The GCP service account email that Atlas uses.
status str: The status of the GCP cloud provider access setup. See MongoDB Atlas API.

serviceAccountForAtlas String: The GCP service account email that Atlas uses.
status String: The status of the GCP cloud provider access setup. See MongoDB Atlas API.

Import

It can be imported using project ID, provider name and role_id in the format project_id-provider_name-role_id, e.g.

$ pulumi import mongodbatlas:index/cloudProviderAccessSetup:CloudProviderAccessSetup my_role 1112222b3bf99403840e8934-AWS-5fc17d476f7a33224f5b224e

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: MongoDB Atlas pulumi/pulumi-mongodbatlas
License: Apache-2.0
Notes: This Pulumi package is based on the mongodbatlas Terraform Provider.

MongoDB Atlas v4.0.0 published on Tuesday, Dec 30, 2025 by Pulumi

Schema (JSON)

pulumi/pulumi-mongodbatlas

mongodbatlas.CloudProviderAccessSetup

On this page

On this page

Example Usage

With AWS

With Azure

With GCP

Further Examples

Create CloudProviderAccessSetup Resource

Constructor syntax

Parameters

Constructor example

CloudProviderAccessSetup Resource Properties

Inputs

Outputs

Look up Existing CloudProviderAccessSetup Resource

Supporting Types

CloudProviderAccessSetupAwsConfig, CloudProviderAccessSetupAwsConfigArgs

CloudProviderAccessSetupAzureConfig, CloudProviderAccessSetupAzureConfigArgs

CloudProviderAccessSetupGcpConfig, CloudProviderAccessSetupGcpConfigArgs

Import

Package Details

On this page

On this page