Docs Packages
  1. Pulumi Registry
  2. MongoDB Atlas
  3. API Docs
  4. getDatabaseUser
mongodbatlas logo
MongoDB Atlas v3.7.2, Mar 31 23

mongodbatlas.getDatabaseUser

Explore with Pulumi AI

mongodbatlas.DatabaseUser describe a Database User. This represents a database user which will be applied to all clusters within the project.

Each user has a set of roles that provide access to the project’s databases. User’s roles apply to all the clusters in the project: if two clusters have a products database and a user has a role granting read access on the products database, the user has that access on both clusters.

NOTE: Groups and projects are synonymous terms. You may find group_id in the official documentation.

Using getDatabaseUser

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getDatabaseUser(args: GetDatabaseUserArgs, opts?: InvokeOptions): Promise<GetDatabaseUserResult>
function getDatabaseUserOutput(args: GetDatabaseUserOutputArgs, opts?: InvokeOptions): Output<GetDatabaseUserResult>
def get_database_user(auth_database_name: Optional[str] = None,
                      database_name: Optional[str] = None,
                      project_id: Optional[str] = None,
                      username: Optional[str] = None,
                      opts: Optional[InvokeOptions] = None) -> GetDatabaseUserResult
def get_database_user_output(auth_database_name: Optional[pulumi.Input[str]] = None,
                      database_name: Optional[pulumi.Input[str]] = None,
                      project_id: Optional[pulumi.Input[str]] = None,
                      username: Optional[pulumi.Input[str]] = None,
                      opts: Optional[InvokeOptions] = None) -> Output[GetDatabaseUserResult]
func LookupDatabaseUser(ctx *Context, args *LookupDatabaseUserArgs, opts ...InvokeOption) (*LookupDatabaseUserResult, error)
func LookupDatabaseUserOutput(ctx *Context, args *LookupDatabaseUserOutputArgs, opts ...InvokeOption) LookupDatabaseUserResultOutput

> Note: This function is named LookupDatabaseUser in the Go SDK.

public static class GetDatabaseUser 
{
    public static Task<GetDatabaseUserResult> InvokeAsync(GetDatabaseUserArgs args, InvokeOptions? opts = null)
    public static Output<GetDatabaseUserResult> Invoke(GetDatabaseUserInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetDatabaseUserResult> getDatabaseUser(GetDatabaseUserArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: mongodbatlas:index/getDatabaseUser:getDatabaseUser
  arguments:
    # arguments dictionary

The following arguments are supported:

ProjectId string

The unique ID for the project to create the database user.

Username string

Username for authenticating to MongoDB.

AuthDatabaseName string

The user’s authentication database. A user must provide both a username and authentication database to log into MongoDB. In Atlas deployments of MongoDB, the authentication database is almost always the admin database, for X509 it is $external.

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

ProjectId string

The unique ID for the project to create the database user.

Username string

Username for authenticating to MongoDB.

AuthDatabaseName string

The user’s authentication database. A user must provide both a username and authentication database to log into MongoDB. In Atlas deployments of MongoDB, the authentication database is almost always the admin database, for X509 it is $external.

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

projectId String

The unique ID for the project to create the database user.

username String

Username for authenticating to MongoDB.

authDatabaseName String

The user’s authentication database. A user must provide both a username and authentication database to log into MongoDB. In Atlas deployments of MongoDB, the authentication database is almost always the admin database, for X509 it is $external.

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

projectId string

The unique ID for the project to create the database user.

username string

Username for authenticating to MongoDB.

authDatabaseName string

The user’s authentication database. A user must provide both a username and authentication database to log into MongoDB. In Atlas deployments of MongoDB, the authentication database is almost always the admin database, for X509 it is $external.

databaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

project_id str

The unique ID for the project to create the database user.

username str

Username for authenticating to MongoDB.

auth_database_name str

The user’s authentication database. A user must provide both a username and authentication database to log into MongoDB. In Atlas deployments of MongoDB, the authentication database is almost always the admin database, for X509 it is $external.

database_name str

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

projectId String

The unique ID for the project to create the database user.

username String

Username for authenticating to MongoDB.

authDatabaseName String

The user’s authentication database. A user must provide both a username and authentication database to log into MongoDB. In Atlas deployments of MongoDB, the authentication database is almost always the admin database, for X509 it is $external.

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

getDatabaseUser Result

The following output properties are available:

AwsIamType string

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

Id string

The provider-assigned unique ID for this managed resource.

Labels List<GetDatabaseUserLabel>
LdapAuthType string

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

ProjectId string
Roles List<GetDatabaseUserRole>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

Scopes List<GetDatabaseUserScope>

Array of clusters and Atlas Data Lakes that this user has access to.

Username string
X509Type string

X.509 method by which the provided username is authenticated.

AuthDatabaseName string
DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

AwsIamType string

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

Id string

The provider-assigned unique ID for this managed resource.

Labels []GetDatabaseUserLabel
LdapAuthType string

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

ProjectId string
Roles []GetDatabaseUserRole

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

Scopes []GetDatabaseUserScope

Array of clusters and Atlas Data Lakes that this user has access to.

Username string
X509Type string

X.509 method by which the provided username is authenticated.

AuthDatabaseName string
DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

awsIamType String

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

id String

The provider-assigned unique ID for this managed resource.

labels List<GetDatabaseUserLabel>
ldapAuthType String

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

projectId String
roles List<GetDatabaseUserRole>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes List<GetDatabaseUserScope>

Array of clusters and Atlas Data Lakes that this user has access to.

username String
x509Type String

X.509 method by which the provided username is authenticated.

authDatabaseName String
databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

awsIamType string

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

id string

The provider-assigned unique ID for this managed resource.

labels GetDatabaseUserLabel[]
ldapAuthType string

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

projectId string
roles GetDatabaseUserRole[]

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes GetDatabaseUserScope[]

Array of clusters and Atlas Data Lakes that this user has access to.

username string
x509Type string

X.509 method by which the provided username is authenticated.

authDatabaseName string
databaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

aws_iam_type str

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

id str

The provider-assigned unique ID for this managed resource.

labels Sequence[GetDatabaseUserLabel]
ldap_auth_type str

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

project_id str
roles Sequence[GetDatabaseUserRole]

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes Sequence[GetDatabaseUserScope]

Array of clusters and Atlas Data Lakes that this user has access to.

username str
x509_type str

X.509 method by which the provided username is authenticated.

auth_database_name str
database_name str

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

awsIamType String

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

id String

The provider-assigned unique ID for this managed resource.

labels List<Property Map>
ldapAuthType String

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

projectId String
roles List<Property Map>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes List<Property Map>

Array of clusters and Atlas Data Lakes that this user has access to.

username String
x509Type String

X.509 method by which the provided username is authenticated.

authDatabaseName String
databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

Deprecated:

use auth_database_name instead

Supporting Types

GetDatabaseUserLabel

Key string

The key that you want to write.

Value string

The value that you want to write.

Key string

The key that you want to write.

Value string

The value that you want to write.

key String

The key that you want to write.

value String

The value that you want to write.

key string

The key that you want to write.

value string

The value that you want to write.

key str

The key that you want to write.

value str

The value that you want to write.

key String

The key that you want to write.

value String

The value that you want to write.

GetDatabaseUserRole

CollectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

RoleName string
CollectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

RoleName string
collectionName String

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

roleName String
collectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

databaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

roleName string
collection_name str

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

database_name str

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

role_name str
collectionName String

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

roleName String

GetDatabaseUserScope

Name string

Name of the role to grant.

Type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

Name string

Name of the role to grant.

Type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name String

Name of the role to grant.

type String

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name string

Name of the role to grant.

type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name str

Name of the role to grant.

type str

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name String

Name of the role to grant.

type String

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

Package Details

Repository
MongoDB Atlas pulumi/pulumi-mongodbatlas
License
Apache-2.0
Notes

This Pulumi package is based on the mongodbatlas Terraform Provider.