mongodbatlas logo
MongoDB Atlas v3.7.2, Mar 31 23

mongodbatlas.CustomDbRole

Explore with Pulumi AI

mongodbatlas.CustomDbRole provides a Custom DB Role resource. The customDBRoles resource lets you retrieve, create and modify the custom MongoDB roles in your cluster. Use custom MongoDB roles to specify custom sets of actions which cannot be described by the built-in Atlas database user privileges.

IMPORTANT You define custom roles at the project level for all clusters in the project. The mongodbatlas.CustomDbRole resource supports a subset of MongoDB privilege actions. For a complete list of privilege actions available for this resource, see Custom Role actions. Custom roles must include actions that all project’s clusters support, and that are compatible with each MongoDB version used by your project’s clusters. For example, if your project has MongoDB 4.2 clusters, you can’t create custom roles that use actions introduced in MongoDB 4.4.

NOTE: Groups and projects are synonymous terms. You may find group_id in the official documentation.

Example Usage

using System.Collections.Generic;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

return await Deployment.RunAsync(() => 
{
    var testRole = new Mongodbatlas.CustomDbRole("testRole", new()
    {
        Actions = new[]
        {
            new Mongodbatlas.Inputs.CustomDbRoleActionArgs
            {
                Action = "UPDATE",
                Resources = new[]
                {
                    new Mongodbatlas.Inputs.CustomDbRoleActionResourceArgs
                    {
                        CollectionName = "",
                        DatabaseName = "anyDatabase",
                    },
                },
            },
            new Mongodbatlas.Inputs.CustomDbRoleActionArgs
            {
                Action = "INSERT",
                Resources = new[]
                {
                    new Mongodbatlas.Inputs.CustomDbRoleActionResourceArgs
                    {
                        CollectionName = "",
                        DatabaseName = "anyDatabase",
                    },
                },
            },
            new Mongodbatlas.Inputs.CustomDbRoleActionArgs
            {
                Action = "REMOVE",
                Resources = new[]
                {
                    new Mongodbatlas.Inputs.CustomDbRoleActionResourceArgs
                    {
                        CollectionName = "",
                        DatabaseName = "anyDatabase",
                    },
                },
            },
        },
        ProjectId = "<PROJECT-ID>",
        RoleName = "myCustomRole",
    });

});
package main

import (
	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := mongodbatlas.NewCustomDbRole(ctx, "testRole", &mongodbatlas.CustomDbRoleArgs{
			Actions: mongodbatlas.CustomDbRoleActionArray{
				&mongodbatlas.CustomDbRoleActionArgs{
					Action: pulumi.String("UPDATE"),
					Resources: mongodbatlas.CustomDbRoleActionResourceArray{
						&mongodbatlas.CustomDbRoleActionResourceArgs{
							CollectionName: pulumi.String(""),
							DatabaseName:   pulumi.String("anyDatabase"),
						},
					},
				},
				&mongodbatlas.CustomDbRoleActionArgs{
					Action: pulumi.String("INSERT"),
					Resources: mongodbatlas.CustomDbRoleActionResourceArray{
						&mongodbatlas.CustomDbRoleActionResourceArgs{
							CollectionName: pulumi.String(""),
							DatabaseName:   pulumi.String("anyDatabase"),
						},
					},
				},
				&mongodbatlas.CustomDbRoleActionArgs{
					Action: pulumi.String("REMOVE"),
					Resources: mongodbatlas.CustomDbRoleActionResourceArray{
						&mongodbatlas.CustomDbRoleActionResourceArgs{
							CollectionName: pulumi.String(""),
							DatabaseName:   pulumi.String("anyDatabase"),
						},
					},
				},
			},
			ProjectId: pulumi.String("<PROJECT-ID>"),
			RoleName:  pulumi.String("myCustomRole"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.CustomDbRole;
import com.pulumi.mongodbatlas.CustomDbRoleArgs;
import com.pulumi.mongodbatlas.inputs.CustomDbRoleActionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testRole = new CustomDbRole("testRole", CustomDbRoleArgs.builder()        
            .actions(            
                CustomDbRoleActionArgs.builder()
                    .action("UPDATE")
                    .resources(CustomDbRoleActionResourceArgs.builder()
                        .collectionName("")
                        .databaseName("anyDatabase")
                        .build())
                    .build(),
                CustomDbRoleActionArgs.builder()
                    .action("INSERT")
                    .resources(CustomDbRoleActionResourceArgs.builder()
                        .collectionName("")
                        .databaseName("anyDatabase")
                        .build())
                    .build(),
                CustomDbRoleActionArgs.builder()
                    .action("REMOVE")
                    .resources(CustomDbRoleActionResourceArgs.builder()
                        .collectionName("")
                        .databaseName("anyDatabase")
                        .build())
                    .build())
            .projectId("<PROJECT-ID>")
            .roleName("myCustomRole")
            .build());

    }
}
import pulumi
import pulumi_mongodbatlas as mongodbatlas

test_role = mongodbatlas.CustomDbRole("testRole",
    actions=[
        mongodbatlas.CustomDbRoleActionArgs(
            action="UPDATE",
            resources=[mongodbatlas.CustomDbRoleActionResourceArgs(
                collection_name="",
                database_name="anyDatabase",
            )],
        ),
        mongodbatlas.CustomDbRoleActionArgs(
            action="INSERT",
            resources=[mongodbatlas.CustomDbRoleActionResourceArgs(
                collection_name="",
                database_name="anyDatabase",
            )],
        ),
        mongodbatlas.CustomDbRoleActionArgs(
            action="REMOVE",
            resources=[mongodbatlas.CustomDbRoleActionResourceArgs(
                collection_name="",
                database_name="anyDatabase",
            )],
        ),
    ],
    project_id="<PROJECT-ID>",
    role_name="myCustomRole")
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const testRole = new mongodbatlas.CustomDbRole("testRole", {
    actions: [
        {
            action: "UPDATE",
            resources: [{
                collectionName: "",
                databaseName: "anyDatabase",
            }],
        },
        {
            action: "INSERT",
            resources: [{
                collectionName: "",
                databaseName: "anyDatabase",
            }],
        },
        {
            action: "REMOVE",
            resources: [{
                collectionName: "",
                databaseName: "anyDatabase",
            }],
        },
    ],
    projectId: "<PROJECT-ID>",
    roleName: "myCustomRole",
});
resources:
  testRole:
    type: mongodbatlas:CustomDbRole
    properties:
      actions:
        - action: UPDATE
          resources:
            - collectionName:
              databaseName: anyDatabase
        - action: INSERT
          resources:
            - collectionName:
              databaseName: anyDatabase
        - action: REMOVE
          resources:
            - collectionName:
              databaseName: anyDatabase
      projectId: <PROJECT-ID>
      roleName: myCustomRole

With Inherited Roles

using System.Collections.Generic;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

return await Deployment.RunAsync(() => 
{
    var inheritedRoleOne = new Mongodbatlas.CustomDbRole("inheritedRoleOne", new()
    {
        ProjectId = "<PROJECT-ID>",
        RoleName = "insertRole",
        Actions = new[]
        {
            new Mongodbatlas.Inputs.CustomDbRoleActionArgs
            {
                Action = "INSERT",
                Resources = new[]
                {
                    new Mongodbatlas.Inputs.CustomDbRoleActionResourceArgs
                    {
                        CollectionName = "",
                        DatabaseName = "anyDatabase",
                    },
                },
            },
        },
    });

    var inheritedRoleTwo = new Mongodbatlas.CustomDbRole("inheritedRoleTwo", new()
    {
        ProjectId = inheritedRoleOne.ProjectId,
        RoleName = "statusServerRole",
        Actions = new[]
        {
            new Mongodbatlas.Inputs.CustomDbRoleActionArgs
            {
                Action = "SERVER_STATUS",
                Resources = new[]
                {
                    new Mongodbatlas.Inputs.CustomDbRoleActionResourceArgs
                    {
                        Cluster = true,
                    },
                },
            },
        },
    });

    var testRole = new Mongodbatlas.CustomDbRole("testRole", new()
    {
        ProjectId = inheritedRoleOne.ProjectId,
        RoleName = "myCustomRole",
        Actions = new[]
        {
            new Mongodbatlas.Inputs.CustomDbRoleActionArgs
            {
                Action = "UPDATE",
                Resources = new[]
                {
                    new Mongodbatlas.Inputs.CustomDbRoleActionResourceArgs
                    {
                        CollectionName = "",
                        DatabaseName = "anyDatabase",
                    },
                },
            },
            new Mongodbatlas.Inputs.CustomDbRoleActionArgs
            {
                Action = "REMOVE",
                Resources = new[]
                {
                    new Mongodbatlas.Inputs.CustomDbRoleActionResourceArgs
                    {
                        CollectionName = "",
                        DatabaseName = "anyDatabase",
                    },
                },
            },
        },
        InheritedRoles = new[]
        {
            new Mongodbatlas.Inputs.CustomDbRoleInheritedRoleArgs
            {
                RoleName = inheritedRoleOne.RoleName,
                DatabaseName = "admin",
            },
            new Mongodbatlas.Inputs.CustomDbRoleInheritedRoleArgs
            {
                RoleName = inheritedRoleTwo.RoleName,
                DatabaseName = "admin",
            },
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		inheritedRoleOne, err := mongodbatlas.NewCustomDbRole(ctx, "inheritedRoleOne", &mongodbatlas.CustomDbRoleArgs{
			ProjectId: pulumi.String("<PROJECT-ID>"),
			RoleName:  pulumi.String("insertRole"),
			Actions: mongodbatlas.CustomDbRoleActionArray{
				&mongodbatlas.CustomDbRoleActionArgs{
					Action: pulumi.String("INSERT"),
					Resources: mongodbatlas.CustomDbRoleActionResourceArray{
						&mongodbatlas.CustomDbRoleActionResourceArgs{
							CollectionName: pulumi.String(""),
							DatabaseName:   pulumi.String("anyDatabase"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		inheritedRoleTwo, err := mongodbatlas.NewCustomDbRole(ctx, "inheritedRoleTwo", &mongodbatlas.CustomDbRoleArgs{
			ProjectId: inheritedRoleOne.ProjectId,
			RoleName:  pulumi.String("statusServerRole"),
			Actions: mongodbatlas.CustomDbRoleActionArray{
				&mongodbatlas.CustomDbRoleActionArgs{
					Action: pulumi.String("SERVER_STATUS"),
					Resources: mongodbatlas.CustomDbRoleActionResourceArray{
						&mongodbatlas.CustomDbRoleActionResourceArgs{
							Cluster: pulumi.Bool(true),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = mongodbatlas.NewCustomDbRole(ctx, "testRole", &mongodbatlas.CustomDbRoleArgs{
			ProjectId: inheritedRoleOne.ProjectId,
			RoleName:  pulumi.String("myCustomRole"),
			Actions: mongodbatlas.CustomDbRoleActionArray{
				&mongodbatlas.CustomDbRoleActionArgs{
					Action: pulumi.String("UPDATE"),
					Resources: mongodbatlas.CustomDbRoleActionResourceArray{
						&mongodbatlas.CustomDbRoleActionResourceArgs{
							CollectionName: pulumi.String(""),
							DatabaseName:   pulumi.String("anyDatabase"),
						},
					},
				},
				&mongodbatlas.CustomDbRoleActionArgs{
					Action: pulumi.String("REMOVE"),
					Resources: mongodbatlas.CustomDbRoleActionResourceArray{
						&mongodbatlas.CustomDbRoleActionResourceArgs{
							CollectionName: pulumi.String(""),
							DatabaseName:   pulumi.String("anyDatabase"),
						},
					},
				},
			},
			InheritedRoles: mongodbatlas.CustomDbRoleInheritedRoleArray{
				&mongodbatlas.CustomDbRoleInheritedRoleArgs{
					RoleName:     inheritedRoleOne.RoleName,
					DatabaseName: pulumi.String("admin"),
				},
				&mongodbatlas.CustomDbRoleInheritedRoleArgs{
					RoleName:     inheritedRoleTwo.RoleName,
					DatabaseName: pulumi.String("admin"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.CustomDbRole;
import com.pulumi.mongodbatlas.CustomDbRoleArgs;
import com.pulumi.mongodbatlas.inputs.CustomDbRoleActionArgs;
import com.pulumi.mongodbatlas.inputs.CustomDbRoleInheritedRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var inheritedRoleOne = new CustomDbRole("inheritedRoleOne", CustomDbRoleArgs.builder()        
            .projectId("<PROJECT-ID>")
            .roleName("insertRole")
            .actions(CustomDbRoleActionArgs.builder()
                .action("INSERT")
                .resources(CustomDbRoleActionResourceArgs.builder()
                    .collectionName("")
                    .databaseName("anyDatabase")
                    .build())
                .build())
            .build());

        var inheritedRoleTwo = new CustomDbRole("inheritedRoleTwo", CustomDbRoleArgs.builder()        
            .projectId(inheritedRoleOne.projectId())
            .roleName("statusServerRole")
            .actions(CustomDbRoleActionArgs.builder()
                .action("SERVER_STATUS")
                .resources(CustomDbRoleActionResourceArgs.builder()
                    .cluster(true)
                    .build())
                .build())
            .build());

        var testRole = new CustomDbRole("testRole", CustomDbRoleArgs.builder()        
            .projectId(inheritedRoleOne.projectId())
            .roleName("myCustomRole")
            .actions(            
                CustomDbRoleActionArgs.builder()
                    .action("UPDATE")
                    .resources(CustomDbRoleActionResourceArgs.builder()
                        .collectionName("")
                        .databaseName("anyDatabase")
                        .build())
                    .build(),
                CustomDbRoleActionArgs.builder()
                    .action("REMOVE")
                    .resources(CustomDbRoleActionResourceArgs.builder()
                        .collectionName("")
                        .databaseName("anyDatabase")
                        .build())
                    .build())
            .inheritedRoles(            
                CustomDbRoleInheritedRoleArgs.builder()
                    .roleName(inheritedRoleOne.roleName())
                    .databaseName("admin")
                    .build(),
                CustomDbRoleInheritedRoleArgs.builder()
                    .roleName(inheritedRoleTwo.roleName())
                    .databaseName("admin")
                    .build())
            .build());

    }
}
import pulumi
import pulumi_mongodbatlas as mongodbatlas

inherited_role_one = mongodbatlas.CustomDbRole("inheritedRoleOne",
    project_id="<PROJECT-ID>",
    role_name="insertRole",
    actions=[mongodbatlas.CustomDbRoleActionArgs(
        action="INSERT",
        resources=[mongodbatlas.CustomDbRoleActionResourceArgs(
            collection_name="",
            database_name="anyDatabase",
        )],
    )])
inherited_role_two = mongodbatlas.CustomDbRole("inheritedRoleTwo",
    project_id=inherited_role_one.project_id,
    role_name="statusServerRole",
    actions=[mongodbatlas.CustomDbRoleActionArgs(
        action="SERVER_STATUS",
        resources=[mongodbatlas.CustomDbRoleActionResourceArgs(
            cluster=True,
        )],
    )])
test_role = mongodbatlas.CustomDbRole("testRole",
    project_id=inherited_role_one.project_id,
    role_name="myCustomRole",
    actions=[
        mongodbatlas.CustomDbRoleActionArgs(
            action="UPDATE",
            resources=[mongodbatlas.CustomDbRoleActionResourceArgs(
                collection_name="",
                database_name="anyDatabase",
            )],
        ),
        mongodbatlas.CustomDbRoleActionArgs(
            action="REMOVE",
            resources=[mongodbatlas.CustomDbRoleActionResourceArgs(
                collection_name="",
                database_name="anyDatabase",
            )],
        ),
    ],
    inherited_roles=[
        mongodbatlas.CustomDbRoleInheritedRoleArgs(
            role_name=inherited_role_one.role_name,
            database_name="admin",
        ),
        mongodbatlas.CustomDbRoleInheritedRoleArgs(
            role_name=inherited_role_two.role_name,
            database_name="admin",
        ),
    ])
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const inheritedRoleOne = new mongodbatlas.CustomDbRole("inheritedRoleOne", {
    projectId: "<PROJECT-ID>",
    roleName: "insertRole",
    actions: [{
        action: "INSERT",
        resources: [{
            collectionName: "",
            databaseName: "anyDatabase",
        }],
    }],
});
const inheritedRoleTwo = new mongodbatlas.CustomDbRole("inheritedRoleTwo", {
    projectId: inheritedRoleOne.projectId,
    roleName: "statusServerRole",
    actions: [{
        action: "SERVER_STATUS",
        resources: [{
            cluster: true,
        }],
    }],
});
const testRole = new mongodbatlas.CustomDbRole("testRole", {
    projectId: inheritedRoleOne.projectId,
    roleName: "myCustomRole",
    actions: [
        {
            action: "UPDATE",
            resources: [{
                collectionName: "",
                databaseName: "anyDatabase",
            }],
        },
        {
            action: "REMOVE",
            resources: [{
                collectionName: "",
                databaseName: "anyDatabase",
            }],
        },
    ],
    inheritedRoles: [
        {
            roleName: inheritedRoleOne.roleName,
            databaseName: "admin",
        },
        {
            roleName: inheritedRoleTwo.roleName,
            databaseName: "admin",
        },
    ],
});
resources:
  inheritedRoleOne:
    type: mongodbatlas:CustomDbRole
    properties:
      projectId: <PROJECT-ID>
      roleName: insertRole
      actions:
        - action: INSERT
          resources:
            - collectionName:
              databaseName: anyDatabase
  inheritedRoleTwo:
    type: mongodbatlas:CustomDbRole
    properties:
      projectId: ${inheritedRoleOne.projectId}
      roleName: statusServerRole
      actions:
        - action: SERVER_STATUS
          resources:
            - cluster: true
  testRole:
    type: mongodbatlas:CustomDbRole
    properties:
      projectId: ${inheritedRoleOne.projectId}
      roleName: myCustomRole
      actions:
        - action: UPDATE
          resources:
            - collectionName:
              databaseName: anyDatabase
        - action: REMOVE
          resources:
            - collectionName:
              databaseName: anyDatabase
      inheritedRoles:
        - roleName: ${inheritedRoleOne.roleName}
          databaseName: admin
        - roleName: ${inheritedRoleTwo.roleName}
          databaseName: admin

Create CustomDbRole Resource

new CustomDbRole(name: string, args: CustomDbRoleArgs, opts?: CustomResourceOptions);
@overload
def CustomDbRole(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 actions: Optional[Sequence[CustomDbRoleActionArgs]] = None,
                 inherited_roles: Optional[Sequence[CustomDbRoleInheritedRoleArgs]] = None,
                 project_id: Optional[str] = None,
                 role_name: Optional[str] = None)
@overload
def CustomDbRole(resource_name: str,
                 args: CustomDbRoleArgs,
                 opts: Optional[ResourceOptions] = None)
func NewCustomDbRole(ctx *Context, name string, args CustomDbRoleArgs, opts ...ResourceOption) (*CustomDbRole, error)
public CustomDbRole(string name, CustomDbRoleArgs args, CustomResourceOptions? opts = null)
public CustomDbRole(String name, CustomDbRoleArgs args)
public CustomDbRole(String name, CustomDbRoleArgs args, CustomResourceOptions options)
type: mongodbatlas:CustomDbRole
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args CustomDbRoleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args CustomDbRoleArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args CustomDbRoleArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args CustomDbRoleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args CustomDbRoleArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

CustomDbRole Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The CustomDbRole resource accepts the following input properties:

ProjectId string

The unique ID for the project to create the database user.

RoleName string

Name of the custom role.

Actions List<CustomDbRoleActionArgs>
InheritedRoles List<CustomDbRoleInheritedRoleArgs>
ProjectId string

The unique ID for the project to create the database user.

RoleName string

Name of the custom role.

Actions []CustomDbRoleActionArgs
InheritedRoles []CustomDbRoleInheritedRoleArgs
projectId String

The unique ID for the project to create the database user.

roleName String

Name of the custom role.

actions List<CustomDbRoleActionArgs>
inheritedRoles List<CustomDbRoleInheritedRoleArgs>
projectId string

The unique ID for the project to create the database user.

roleName string

Name of the custom role.

actions CustomDbRoleActionArgs[]
inheritedRoles CustomDbRoleInheritedRoleArgs[]
project_id str

The unique ID for the project to create the database user.

role_name str

Name of the custom role.

actions Sequence[CustomDbRoleActionArgs]
inherited_roles Sequence[CustomDbRoleInheritedRoleArgs]
projectId String

The unique ID for the project to create the database user.

roleName String

Name of the custom role.

actions List<Property Map>
inheritedRoles List<Property Map>

Outputs

All input properties are implicitly available as output properties. Additionally, the CustomDbRole resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up Existing CustomDbRole Resource

Get an existing CustomDbRole resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CustomDbRoleState, opts?: CustomResourceOptions): CustomDbRole
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        actions: Optional[Sequence[CustomDbRoleActionArgs]] = None,
        inherited_roles: Optional[Sequence[CustomDbRoleInheritedRoleArgs]] = None,
        project_id: Optional[str] = None,
        role_name: Optional[str] = None) -> CustomDbRole
func GetCustomDbRole(ctx *Context, name string, id IDInput, state *CustomDbRoleState, opts ...ResourceOption) (*CustomDbRole, error)
public static CustomDbRole Get(string name, Input<string> id, CustomDbRoleState? state, CustomResourceOptions? opts = null)
public static CustomDbRole get(String name, Output<String> id, CustomDbRoleState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Actions List<CustomDbRoleActionArgs>
InheritedRoles List<CustomDbRoleInheritedRoleArgs>
ProjectId string

The unique ID for the project to create the database user.

RoleName string

Name of the custom role.

Actions []CustomDbRoleActionArgs
InheritedRoles []CustomDbRoleInheritedRoleArgs
ProjectId string

The unique ID for the project to create the database user.

RoleName string

Name of the custom role.

actions List<CustomDbRoleActionArgs>
inheritedRoles List<CustomDbRoleInheritedRoleArgs>
projectId String

The unique ID for the project to create the database user.

roleName String

Name of the custom role.

actions CustomDbRoleActionArgs[]
inheritedRoles CustomDbRoleInheritedRoleArgs[]
projectId string

The unique ID for the project to create the database user.

roleName string

Name of the custom role.

actions Sequence[CustomDbRoleActionArgs]
inherited_roles Sequence[CustomDbRoleInheritedRoleArgs]
project_id str

The unique ID for the project to create the database user.

role_name str

Name of the custom role.

actions List<Property Map>
inheritedRoles List<Property Map>
projectId String

The unique ID for the project to create the database user.

roleName String

Name of the custom role.

Supporting Types

CustomDbRoleAction

Action string

Name of the privilege action. For a complete list of actions available in the Atlas API, see Custom Role Actions

Note: The privilege actions available to the Custom Roles API resource represent a subset of the privilege actions available in the Atlas Custom Roles UI.

Resources List<CustomDbRoleActionResource>

Contains information on where the action is granted. Each object in the array either indicates a database and collection on which the action is granted, or indicates that the action is granted on the cluster resource.

Action string

Name of the privilege action. For a complete list of actions available in the Atlas API, see Custom Role Actions

Note: The privilege actions available to the Custom Roles API resource represent a subset of the privilege actions available in the Atlas Custom Roles UI.

Resources []CustomDbRoleActionResource

Contains information on where the action is granted. Each object in the array either indicates a database and collection on which the action is granted, or indicates that the action is granted on the cluster resource.

action String

Name of the privilege action. For a complete list of actions available in the Atlas API, see Custom Role Actions

Note: The privilege actions available to the Custom Roles API resource represent a subset of the privilege actions available in the Atlas Custom Roles UI.

resources List<CustomDbRoleActionResource>

Contains information on where the action is granted. Each object in the array either indicates a database and collection on which the action is granted, or indicates that the action is granted on the cluster resource.

action string

Name of the privilege action. For a complete list of actions available in the Atlas API, see Custom Role Actions

Note: The privilege actions available to the Custom Roles API resource represent a subset of the privilege actions available in the Atlas Custom Roles UI.

resources CustomDbRoleActionResource[]

Contains information on where the action is granted. Each object in the array either indicates a database and collection on which the action is granted, or indicates that the action is granted on the cluster resource.

action str

Name of the privilege action. For a complete list of actions available in the Atlas API, see Custom Role Actions

Note: The privilege actions available to the Custom Roles API resource represent a subset of the privilege actions available in the Atlas Custom Roles UI.

resources Sequence[CustomDbRoleActionResource]

Contains information on where the action is granted. Each object in the array either indicates a database and collection on which the action is granted, or indicates that the action is granted on the cluster resource.

action String

Name of the privilege action. For a complete list of actions available in the Atlas API, see Custom Role Actions

Note: The privilege actions available to the Custom Roles API resource represent a subset of the privilege actions available in the Atlas Custom Roles UI.

resources List<Property Map>

Contains information on where the action is granted. Each object in the array either indicates a database and collection on which the action is granted, or indicates that the action is granted on the cluster resource.

CustomDbRoleActionResource

Cluster bool
CollectionName string
DatabaseName string

Database on which the inherited role is granted.

Cluster bool
CollectionName string
DatabaseName string

Database on which the inherited role is granted.

cluster Boolean
collectionName String
databaseName String

Database on which the inherited role is granted.

cluster boolean
collectionName string
databaseName string

Database on which the inherited role is granted.

cluster bool
collection_name str
database_name str

Database on which the inherited role is granted.

cluster Boolean
collectionName String
databaseName String

Database on which the inherited role is granted.

CustomDbRoleInheritedRole

DatabaseName string

Database on which the inherited role is granted.

RoleName string

Name of the inherited role. This can either be another custom role or a built-in role.

DatabaseName string

Database on which the inherited role is granted.

RoleName string

Name of the inherited role. This can either be another custom role or a built-in role.

databaseName String

Database on which the inherited role is granted.

roleName String

Name of the inherited role. This can either be another custom role or a built-in role.

databaseName string

Database on which the inherited role is granted.

roleName string

Name of the inherited role. This can either be another custom role or a built-in role.

database_name str

Database on which the inherited role is granted.

role_name str

Name of the inherited role. This can either be another custom role or a built-in role.

databaseName String

Database on which the inherited role is granted.

roleName String

Name of the inherited role. This can either be another custom role or a built-in role.

Import

Database users can be imported using project ID and username, in the format PROJECTID-ROLENAME, e.g.

 $ pulumi import mongodbatlas:index/customDbRole:CustomDbRole my_role 1112222b3bf99403840e8934-MyCustomRole

For more information seeMongoDB Atlas API Reference.

Package Details

Repository
MongoDB Atlas pulumi/pulumi-mongodbatlas
License
Apache-2.0
Notes

This Pulumi package is based on the mongodbatlas Terraform Provider.