mongodbatlas logo
MongoDB Atlas v3.7.2, Mar 31 23

mongodbatlas.DatabaseUser

Explore with Pulumi AI

Import

Database users can be imported using project ID and username, in the format project_id-username-auth_database_name, e.g.

 $ pulumi import mongodbatlas:index/databaseUser:DatabaseUser my_user 1112222b3bf99403840e8934-my_user-admin

Example Usage

S

using System.Collections.Generic;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

return await Deployment.RunAsync(() => 
{
    var test = new Mongodbatlas.DatabaseUser("test", new()
    {
        AuthDatabaseName = "admin",
        Labels = new[]
        {
            new Mongodbatlas.Inputs.DatabaseUserLabelArgs
            {
                Key = "My Key",
                Value = "My Value",
            },
        },
        Password = "test-acc-password",
        ProjectId = "<PROJECT-ID>",
        Roles = new[]
        {
            new Mongodbatlas.Inputs.DatabaseUserRoleArgs
            {
                DatabaseName = "dbforApp",
                RoleName = "readWrite",
            },
            new Mongodbatlas.Inputs.DatabaseUserRoleArgs
            {
                DatabaseName = "admin",
                RoleName = "readAnyDatabase",
            },
        },
        Scopes = new[]
        {
            new Mongodbatlas.Inputs.DatabaseUserScopeArgs
            {
                Name = "My cluster name",
                Type = "CLUSTER",
            },
            new Mongodbatlas.Inputs.DatabaseUserScopeArgs
            {
                Name = "My second cluster name",
                Type = "CLUSTER",
            },
        },
        Username = "test-acc-username",
    });

});
package main

import (
	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := mongodbatlas.NewDatabaseUser(ctx, "test", &mongodbatlas.DatabaseUserArgs{
			AuthDatabaseName: pulumi.String("admin"),
			Labels: mongodbatlas.DatabaseUserLabelArray{
				&mongodbatlas.DatabaseUserLabelArgs{
					Key:   pulumi.String("My Key"),
					Value: pulumi.String("My Value"),
				},
			},
			Password:  pulumi.String("test-acc-password"),
			ProjectId: pulumi.String("<PROJECT-ID>"),
			Roles: mongodbatlas.DatabaseUserRoleArray{
				&mongodbatlas.DatabaseUserRoleArgs{
					DatabaseName: pulumi.String("dbforApp"),
					RoleName:     pulumi.String("readWrite"),
				},
				&mongodbatlas.DatabaseUserRoleArgs{
					DatabaseName: pulumi.String("admin"),
					RoleName:     pulumi.String("readAnyDatabase"),
				},
			},
			Scopes: mongodbatlas.DatabaseUserScopeArray{
				&mongodbatlas.DatabaseUserScopeArgs{
					Name: pulumi.String("My cluster name"),
					Type: pulumi.String("CLUSTER"),
				},
				&mongodbatlas.DatabaseUserScopeArgs{
					Name: pulumi.String("My second cluster name"),
					Type: pulumi.String("CLUSTER"),
				},
			},
			Username: pulumi.String("test-acc-username"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.DatabaseUser;
import com.pulumi.mongodbatlas.DatabaseUserArgs;
import com.pulumi.mongodbatlas.inputs.DatabaseUserLabelArgs;
import com.pulumi.mongodbatlas.inputs.DatabaseUserRoleArgs;
import com.pulumi.mongodbatlas.inputs.DatabaseUserScopeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var test = new DatabaseUser("test", DatabaseUserArgs.builder()        
            .authDatabaseName("admin")
            .labels(DatabaseUserLabelArgs.builder()
                .key("My Key")
                .value("My Value")
                .build())
            .password("test-acc-password")
            .projectId("<PROJECT-ID>")
            .roles(            
                DatabaseUserRoleArgs.builder()
                    .databaseName("dbforApp")
                    .roleName("readWrite")
                    .build(),
                DatabaseUserRoleArgs.builder()
                    .databaseName("admin")
                    .roleName("readAnyDatabase")
                    .build())
            .scopes(            
                DatabaseUserScopeArgs.builder()
                    .name("My cluster name")
                    .type("CLUSTER")
                    .build(),
                DatabaseUserScopeArgs.builder()
                    .name("My second cluster name")
                    .type("CLUSTER")
                    .build())
            .username("test-acc-username")
            .build());

    }
}
import pulumi
import pulumi_mongodbatlas as mongodbatlas

test = mongodbatlas.DatabaseUser("test",
    auth_database_name="admin",
    labels=[mongodbatlas.DatabaseUserLabelArgs(
        key="My Key",
        value="My Value",
    )],
    password="test-acc-password",
    project_id="<PROJECT-ID>",
    roles=[
        mongodbatlas.DatabaseUserRoleArgs(
            database_name="dbforApp",
            role_name="readWrite",
        ),
        mongodbatlas.DatabaseUserRoleArgs(
            database_name="admin",
            role_name="readAnyDatabase",
        ),
    ],
    scopes=[
        mongodbatlas.DatabaseUserScopeArgs(
            name="My cluster name",
            type="CLUSTER",
        ),
        mongodbatlas.DatabaseUserScopeArgs(
            name="My second cluster name",
            type="CLUSTER",
        ),
    ],
    username="test-acc-username")
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const test = new mongodbatlas.DatabaseUser("test", {
    authDatabaseName: "admin",
    labels: [{
        key: "My Key",
        value: "My Value",
    }],
    password: "test-acc-password",
    projectId: "<PROJECT-ID>",
    roles: [
        {
            databaseName: "dbforApp",
            roleName: "readWrite",
        },
        {
            databaseName: "admin",
            roleName: "readAnyDatabase",
        },
    ],
    scopes: [
        {
            name: "My cluster name",
            type: "CLUSTER",
        },
        {
            name: "My second cluster name",
            type: "CLUSTER",
        },
    ],
    username: "test-acc-username",
});
resources:
  test:
    type: mongodbatlas:DatabaseUser
    properties:
      authDatabaseName: admin
      labels:
        - key: My Key
          value: My Value
      password: test-acc-password
      projectId: <PROJECT-ID>
      roles:
        - databaseName: dbforApp
          roleName: readWrite
        - databaseName: admin
          roleName: readAnyDatabase
      scopes:
        - name: My cluster name
          type: CLUSTER
        - name: My second cluster name
          type: CLUSTER
      username: test-acc-username
using System.Collections.Generic;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

return await Deployment.RunAsync(() => 
{
    var test = new Mongodbatlas.DatabaseUser("test", new()
    {
        AuthDatabaseName = "$external",
        Labels = new[]
        {
            new Mongodbatlas.Inputs.DatabaseUserLabelArgs
            {
                Key = "%s",
                Value = "%s",
            },
        },
        ProjectId = "<PROJECT-ID>",
        Roles = new[]
        {
            new Mongodbatlas.Inputs.DatabaseUserRoleArgs
            {
                DatabaseName = "admin",
                RoleName = "readAnyDatabase",
            },
        },
        Scopes = new[]
        {
            new Mongodbatlas.Inputs.DatabaseUserScopeArgs
            {
                Name = "My cluster name",
                Type = "CLUSTER",
            },
        },
        Username = "test-acc-username",
        X509Type = "MANAGED",
    });

});
package main

import (
	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := mongodbatlas.NewDatabaseUser(ctx, "test", &mongodbatlas.DatabaseUserArgs{
			AuthDatabaseName: pulumi.String("$external"),
			Labels: mongodbatlas.DatabaseUserLabelArray{
				&mongodbatlas.DatabaseUserLabelArgs{
					Key:   pulumi.String("%s"),
					Value: pulumi.String("%s"),
				},
			},
			ProjectId: pulumi.String("<PROJECT-ID>"),
			Roles: mongodbatlas.DatabaseUserRoleArray{
				&mongodbatlas.DatabaseUserRoleArgs{
					DatabaseName: pulumi.String("admin"),
					RoleName:     pulumi.String("readAnyDatabase"),
				},
			},
			Scopes: mongodbatlas.DatabaseUserScopeArray{
				&mongodbatlas.DatabaseUserScopeArgs{
					Name: pulumi.String("My cluster name"),
					Type: pulumi.String("CLUSTER"),
				},
			},
			Username: pulumi.String("test-acc-username"),
			X509Type: pulumi.String("MANAGED"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.DatabaseUser;
import com.pulumi.mongodbatlas.DatabaseUserArgs;
import com.pulumi.mongodbatlas.inputs.DatabaseUserLabelArgs;
import com.pulumi.mongodbatlas.inputs.DatabaseUserRoleArgs;
import com.pulumi.mongodbatlas.inputs.DatabaseUserScopeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var test = new DatabaseUser("test", DatabaseUserArgs.builder()        
            .authDatabaseName("$external")
            .labels(DatabaseUserLabelArgs.builder()
                .key("%s")
                .value("%s")
                .build())
            .projectId("<PROJECT-ID>")
            .roles(DatabaseUserRoleArgs.builder()
                .databaseName("admin")
                .roleName("readAnyDatabase")
                .build())
            .scopes(DatabaseUserScopeArgs.builder()
                .name("My cluster name")
                .type("CLUSTER")
                .build())
            .username("test-acc-username")
            .x509Type("MANAGED")
            .build());

    }
}
import pulumi
import pulumi_mongodbatlas as mongodbatlas

test = mongodbatlas.DatabaseUser("test",
    auth_database_name="$external",
    labels=[mongodbatlas.DatabaseUserLabelArgs(
        key="%s",
        value="%s",
    )],
    project_id="<PROJECT-ID>",
    roles=[mongodbatlas.DatabaseUserRoleArgs(
        database_name="admin",
        role_name="readAnyDatabase",
    )],
    scopes=[mongodbatlas.DatabaseUserScopeArgs(
        name="My cluster name",
        type="CLUSTER",
    )],
    username="test-acc-username",
    x509_type="MANAGED")
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const test = new mongodbatlas.DatabaseUser("test", {
    authDatabaseName: "$external",
    labels: [{
        key: "%s",
        value: "%s",
    }],
    projectId: "<PROJECT-ID>",
    roles: [{
        databaseName: "admin",
        roleName: "readAnyDatabase",
    }],
    scopes: [{
        name: "My cluster name",
        type: "CLUSTER",
    }],
    username: "test-acc-username",
    x509Type: "MANAGED",
});
resources:
  test:
    type: mongodbatlas:DatabaseUser
    properties:
      authDatabaseName: $external
      labels:
        - key: '%s'
          value: '%s'
      projectId: <PROJECT-ID>
      roles:
        - databaseName: admin
          roleName: readAnyDatabase
      scopes:
        - name: My cluster name
          type: CLUSTER
      username: test-acc-username
      x509Type: MANAGED
using System.Collections.Generic;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

return await Deployment.RunAsync(() => 
{
    var test = new Mongodbatlas.DatabaseUser("test", new()
    {
        Username = aws_iam_role.Test.Arn,
        ProjectId = "<PROJECT-ID>",
        AuthDatabaseName = "$external",
        AwsIamType = "ROLE",
        Roles = new[]
        {
            new Mongodbatlas.Inputs.DatabaseUserRoleArgs
            {
                RoleName = "readAnyDatabase",
                DatabaseName = "admin",
            },
        },
        Labels = new[]
        {
            new Mongodbatlas.Inputs.DatabaseUserLabelArgs
            {
                Key = "%s",
                Value = "%s",
            },
        },
        Scopes = new[]
        {
            new Mongodbatlas.Inputs.DatabaseUserScopeArgs
            {
                Name = "My cluster name",
                Type = "CLUSTER",
            },
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := mongodbatlas.NewDatabaseUser(ctx, "test", &mongodbatlas.DatabaseUserArgs{
			Username:         pulumi.Any(aws_iam_role.Test.Arn),
			ProjectId:        pulumi.String("<PROJECT-ID>"),
			AuthDatabaseName: pulumi.String("$external"),
			AwsIamType:       pulumi.String("ROLE"),
			Roles: mongodbatlas.DatabaseUserRoleArray{
				&mongodbatlas.DatabaseUserRoleArgs{
					RoleName:     pulumi.String("readAnyDatabase"),
					DatabaseName: pulumi.String("admin"),
				},
			},
			Labels: mongodbatlas.DatabaseUserLabelArray{
				&mongodbatlas.DatabaseUserLabelArgs{
					Key:   pulumi.String("%s"),
					Value: pulumi.String("%s"),
				},
			},
			Scopes: mongodbatlas.DatabaseUserScopeArray{
				&mongodbatlas.DatabaseUserScopeArgs{
					Name: pulumi.String("My cluster name"),
					Type: pulumi.String("CLUSTER"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.DatabaseUser;
import com.pulumi.mongodbatlas.DatabaseUserArgs;
import com.pulumi.mongodbatlas.inputs.DatabaseUserRoleArgs;
import com.pulumi.mongodbatlas.inputs.DatabaseUserLabelArgs;
import com.pulumi.mongodbatlas.inputs.DatabaseUserScopeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var test = new DatabaseUser("test", DatabaseUserArgs.builder()        
            .username(aws_iam_role.test().arn())
            .projectId("<PROJECT-ID>")
            .authDatabaseName("$external")
            .awsIamType("ROLE")
            .roles(DatabaseUserRoleArgs.builder()
                .roleName("readAnyDatabase")
                .databaseName("admin")
                .build())
            .labels(DatabaseUserLabelArgs.builder()
                .key("%s")
                .value("%s")
                .build())
            .scopes(DatabaseUserScopeArgs.builder()
                .name("My cluster name")
                .type("CLUSTER")
                .build())
            .build());

    }
}
import pulumi
import pulumi_mongodbatlas as mongodbatlas

test = mongodbatlas.DatabaseUser("test",
    username=aws_iam_role["test"]["arn"],
    project_id="<PROJECT-ID>",
    auth_database_name="$external",
    aws_iam_type="ROLE",
    roles=[mongodbatlas.DatabaseUserRoleArgs(
        role_name="readAnyDatabase",
        database_name="admin",
    )],
    labels=[mongodbatlas.DatabaseUserLabelArgs(
        key="%s",
        value="%s",
    )],
    scopes=[mongodbatlas.DatabaseUserScopeArgs(
        name="My cluster name",
        type="CLUSTER",
    )])
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const test = new mongodbatlas.DatabaseUser("test", {
    username: aws_iam_role.test.arn,
    projectId: "<PROJECT-ID>",
    authDatabaseName: "$external",
    awsIamType: "ROLE",
    roles: [{
        roleName: "readAnyDatabase",
        databaseName: "admin",
    }],
    labels: [{
        key: "%s",
        value: "%s",
    }],
    scopes: [{
        name: "My cluster name",
        type: "CLUSTER",
    }],
});
resources:
  test:
    type: mongodbatlas:DatabaseUser
    properties:
      username: ${aws_iam_role.test.arn}
      projectId: <PROJECT-ID>
      authDatabaseName: $external
      awsIamType: ROLE
      roles:
        - roleName: readAnyDatabase
          databaseName: admin
      labels:
        - key: '%s'
          value: '%s'
      scopes:
        - name: My cluster name
          type: CLUSTER

Create DatabaseUser Resource

new DatabaseUser(name: string, args: DatabaseUserArgs, opts?: CustomResourceOptions);
@overload
def DatabaseUser(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 auth_database_name: Optional[str] = None,
                 aws_iam_type: Optional[str] = None,
                 database_name: Optional[str] = None,
                 labels: Optional[Sequence[DatabaseUserLabelArgs]] = None,
                 ldap_auth_type: Optional[str] = None,
                 password: Optional[str] = None,
                 project_id: Optional[str] = None,
                 roles: Optional[Sequence[DatabaseUserRoleArgs]] = None,
                 scopes: Optional[Sequence[DatabaseUserScopeArgs]] = None,
                 username: Optional[str] = None,
                 x509_type: Optional[str] = None)
@overload
def DatabaseUser(resource_name: str,
                 args: DatabaseUserArgs,
                 opts: Optional[ResourceOptions] = None)
func NewDatabaseUser(ctx *Context, name string, args DatabaseUserArgs, opts ...ResourceOption) (*DatabaseUser, error)
public DatabaseUser(string name, DatabaseUserArgs args, CustomResourceOptions? opts = null)
public DatabaseUser(String name, DatabaseUserArgs args)
public DatabaseUser(String name, DatabaseUserArgs args, CustomResourceOptions options)
type: mongodbatlas:DatabaseUser
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args DatabaseUserArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args DatabaseUserArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args DatabaseUserArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args DatabaseUserArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args DatabaseUserArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

DatabaseUser Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The DatabaseUser resource accepts the following input properties:

ProjectId string

The unique ID for the project to create the database user.

Roles List<DatabaseUserRoleArgs>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

Username string

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

AuthDatabaseName string

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

AwsIamType string

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

Labels List<DatabaseUserLabelArgs>
LdapAuthType string

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

Password string
Scopes List<DatabaseUserScopeArgs>
X509Type string

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

ProjectId string

The unique ID for the project to create the database user.

Roles []DatabaseUserRoleArgs

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

Username string

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

AuthDatabaseName string

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

AwsIamType string

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

Labels []DatabaseUserLabelArgs
LdapAuthType string

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

Password string
Scopes []DatabaseUserScopeArgs
X509Type string

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

projectId String

The unique ID for the project to create the database user.

roles List<DatabaseUserRoleArgs>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

username String

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

authDatabaseName String

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

awsIamType String

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

labels List<DatabaseUserLabelArgs>
ldapAuthType String

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

password String
scopes List<DatabaseUserScopeArgs>
x509Type String

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

projectId string

The unique ID for the project to create the database user.

roles DatabaseUserRoleArgs[]

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

username string

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

authDatabaseName string

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

awsIamType string

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

databaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

labels DatabaseUserLabelArgs[]
ldapAuthType string

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

password string
scopes DatabaseUserScopeArgs[]
x509Type string

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

project_id str

The unique ID for the project to create the database user.

roles Sequence[DatabaseUserRoleArgs]

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

username str

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

auth_database_name str

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

aws_iam_type str

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

database_name str

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

labels Sequence[DatabaseUserLabelArgs]
ldap_auth_type str

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

password str
scopes Sequence[DatabaseUserScopeArgs]
x509_type str

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

projectId String

The unique ID for the project to create the database user.

roles List<Property Map>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

username String

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

authDatabaseName String

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

awsIamType String

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

labels List<Property Map>
ldapAuthType String

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

password String
scopes List<Property Map>
x509Type String

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

Outputs

All input properties are implicitly available as output properties. Additionally, the DatabaseUser resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up Existing DatabaseUser Resource

Get an existing DatabaseUser resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: DatabaseUserState, opts?: CustomResourceOptions): DatabaseUser
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        auth_database_name: Optional[str] = None,
        aws_iam_type: Optional[str] = None,
        database_name: Optional[str] = None,
        labels: Optional[Sequence[DatabaseUserLabelArgs]] = None,
        ldap_auth_type: Optional[str] = None,
        password: Optional[str] = None,
        project_id: Optional[str] = None,
        roles: Optional[Sequence[DatabaseUserRoleArgs]] = None,
        scopes: Optional[Sequence[DatabaseUserScopeArgs]] = None,
        username: Optional[str] = None,
        x509_type: Optional[str] = None) -> DatabaseUser
func GetDatabaseUser(ctx *Context, name string, id IDInput, state *DatabaseUserState, opts ...ResourceOption) (*DatabaseUser, error)
public static DatabaseUser Get(string name, Input<string> id, DatabaseUserState? state, CustomResourceOptions? opts = null)
public static DatabaseUser get(String name, Output<String> id, DatabaseUserState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AuthDatabaseName string

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

AwsIamType string

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

Labels List<DatabaseUserLabelArgs>
LdapAuthType string

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

Password string
ProjectId string

The unique ID for the project to create the database user.

Roles List<DatabaseUserRoleArgs>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

Scopes List<DatabaseUserScopeArgs>
Username string

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

X509Type string

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

AuthDatabaseName string

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

AwsIamType string

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

Labels []DatabaseUserLabelArgs
LdapAuthType string

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

Password string
ProjectId string

The unique ID for the project to create the database user.

Roles []DatabaseUserRoleArgs

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

Scopes []DatabaseUserScopeArgs
Username string

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

X509Type string

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

authDatabaseName String

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

awsIamType String

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

labels List<DatabaseUserLabelArgs>
ldapAuthType String

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

password String
projectId String

The unique ID for the project to create the database user.

roles List<DatabaseUserRoleArgs>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes List<DatabaseUserScopeArgs>
username String

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

x509Type String

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

authDatabaseName string

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

awsIamType string

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

databaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

labels DatabaseUserLabelArgs[]
ldapAuthType string

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

password string
projectId string

The unique ID for the project to create the database user.

roles DatabaseUserRoleArgs[]

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes DatabaseUserScopeArgs[]
username string

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

x509Type string

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

auth_database_name str

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

aws_iam_type str

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

database_name str

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

labels Sequence[DatabaseUserLabelArgs]
ldap_auth_type str

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

password str
project_id str

The unique ID for the project to create the database user.

roles Sequence[DatabaseUserRoleArgs]

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes Sequence[DatabaseUserScopeArgs]
username str

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

x509_type str

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

authDatabaseName String

Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Accepted values include:

awsIamType String

If this value is set, the new database user authenticates with AWS IAM credentials. If no value is given, Atlas uses the default value of NONE. The accepted types are:

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

labels List<Property Map>
ldapAuthType String

Method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE.

password String
projectId String

The unique ID for the project to create the database user.

roles List<Property Map>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes List<Property Map>
username String

Username for authenticating to MongoDB. USER_ARN or ROLE_ARN if aws_iam_type is USER or ROLE.

x509Type String

X.509 method by which the provided username is authenticated. If no value is given, Atlas uses the default value of NONE. The accepted types are:

Supporting Types

DatabaseUserLabel

Key string

The key that you want to write.

Value string

The value that you want to write.

Key string

The key that you want to write.

Value string

The value that you want to write.

key String

The key that you want to write.

value String

The value that you want to write.

key string

The key that you want to write.

value string

The value that you want to write.

key str

The key that you want to write.

value str

The value that you want to write.

key String

The key that you want to write.

value String

The value that you want to write.

DatabaseUserRole

CollectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

RoleName string

Name of the role to grant. See Create a Database User roles.roleName for valid values and restrictions.

CollectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

RoleName string

Name of the role to grant. See Create a Database User roles.roleName for valid values and restrictions.

collectionName String

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

roleName String

Name of the role to grant. See Create a Database User roles.roleName for valid values and restrictions.

collectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

databaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

roleName string

Name of the role to grant. See Create a Database User roles.roleName for valid values and restrictions.

collection_name str

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

database_name str

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

role_name str

Name of the role to grant. See Create a Database User roles.roleName for valid values and restrictions.

collectionName String

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

roleName String

Name of the role to grant. See Create a Database User roles.roleName for valid values and restrictions.

DatabaseUserScope

Name string

Name of the cluster or Atlas Data Lake that the user has access to.

Type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

Name string

Name of the cluster or Atlas Data Lake that the user has access to.

Type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name String

Name of the cluster or Atlas Data Lake that the user has access to.

type String

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name string

Name of the cluster or Atlas Data Lake that the user has access to.

type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name str

Name of the cluster or Atlas Data Lake that the user has access to.

type str

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name String

Name of the cluster or Atlas Data Lake that the user has access to.

type String

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

Package Details

Repository
MongoDB Atlas pulumi/pulumi-mongodbatlas
License
Apache-2.0
Notes

This Pulumi package is based on the mongodbatlas Terraform Provider.