MongoDB Atlas

Pulumi Official
Package maintained by Pulumi
v3.3.0 published on Thursday, Mar 17, 2022 by Pulumi

getDatabaseUsers

mongodbatlas.getDatabaseUsers describe all Database Users. This represents a database user which will be applied to all clusters within the project.

Each user has a set of roles that provide access to the project’s databases. User’s roles apply to all the clusters in the project: if two clusters have a products database and a user has a role granting read access on the products database, the user has that access on both clusters.

NOTE: Groups and projects are synonymous terms. You may find groupId in the official documentation.

Example Usage

using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

class MyStack : Stack
{
    public MyStack()
    {
        var testDatabaseUser = new Mongodbatlas.DatabaseUser("testDatabaseUser", new Mongodbatlas.DatabaseUserArgs
        {
            Username = "test-acc-username",
            Password = "test-acc-password",
            ProjectId = "<PROJECT-ID>",
            AuthDatabaseName = "admin",
            Roles = 
            {
                new Mongodbatlas.Inputs.DatabaseUserRoleArgs
                {
                    RoleName = "readWrite",
                    DatabaseName = "admin",
                },
                new Mongodbatlas.Inputs.DatabaseUserRoleArgs
                {
                    RoleName = "atlasAdmin",
                    DatabaseName = "admin",
                },
            },
            Labels = 
            {
                new Mongodbatlas.Inputs.DatabaseUserLabelArgs
                {
                    Key = "key 1",
                    Value = "value 1",
                },
                new Mongodbatlas.Inputs.DatabaseUserLabelArgs
                {
                    Key = "key 2",
                    Value = "value 2",
                },
            },
        });
        var testDatabaseUsers = Mongodbatlas.GetDatabaseUsers.Invoke(new Mongodbatlas.GetDatabaseUsersInvokeArgs
        {
            ProjectId = testDatabaseUser.ProjectId,
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		testDatabaseUser, err := mongodbatlas.NewDatabaseUser(ctx, "testDatabaseUser", &mongodbatlas.DatabaseUserArgs{
			Username:         pulumi.String("test-acc-username"),
			Password:         pulumi.String("test-acc-password"),
			ProjectId:        pulumi.String("<PROJECT-ID>"),
			AuthDatabaseName: pulumi.String("admin"),
			Roles: DatabaseUserRoleArray{
				&DatabaseUserRoleArgs{
					RoleName:     pulumi.String("readWrite"),
					DatabaseName: pulumi.String("admin"),
				},
				&DatabaseUserRoleArgs{
					RoleName:     pulumi.String("atlasAdmin"),
					DatabaseName: pulumi.String("admin"),
				},
			},
			Labels: DatabaseUserLabelArray{
				&DatabaseUserLabelArgs{
					Key:   pulumi.String("key 1"),
					Value: pulumi.String("value 1"),
				},
				&DatabaseUserLabelArgs{
					Key:   pulumi.String("key 2"),
					Value: pulumi.String("value 2"),
				},
			},
		})
		if err != nil {
			return err
		}
		_ = mongodbatlas.LookupDatabaseUsersOutput(ctx, GetDatabaseUsersOutputArgs{
			ProjectId: testDatabaseUser.ProjectId,
		}, nil)
		return nil
	})
}

Coming soon!

import pulumi
import pulumi_mongodbatlas as mongodbatlas

test_database_user = mongodbatlas.DatabaseUser("testDatabaseUser",
    username="test-acc-username",
    password="test-acc-password",
    project_id="<PROJECT-ID>",
    auth_database_name="admin",
    roles=[
        mongodbatlas.DatabaseUserRoleArgs(
            role_name="readWrite",
            database_name="admin",
        ),
        mongodbatlas.DatabaseUserRoleArgs(
            role_name="atlasAdmin",
            database_name="admin",
        ),
    ],
    labels=[
        mongodbatlas.DatabaseUserLabelArgs(
            key="key 1",
            value="value 1",
        ),
        mongodbatlas.DatabaseUserLabelArgs(
            key="key 2",
            value="value 2",
        ),
    ])
test_database_users = mongodbatlas.get_database_users_output(project_id=test_database_user.project_id)
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const testDatabaseUser = new mongodbatlas.DatabaseUser("testDatabaseUser", {
    username: "test-acc-username",
    password: "test-acc-password",
    projectId: "<PROJECT-ID>",
    authDatabaseName: "admin",
    roles: [
        {
            roleName: "readWrite",
            databaseName: "admin",
        },
        {
            roleName: "atlasAdmin",
            databaseName: "admin",
        },
    ],
    labels: [
        {
            key: "key 1",
            value: "value 1",
        },
        {
            key: "key 2",
            value: "value 2",
        },
    ],
});
const testDatabaseUsers = mongodbatlas.getDatabaseUsersOutput({
    projectId: testDatabaseUser.projectId,
});

Coming soon!

Using getDatabaseUsers

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getDatabaseUsers(args: GetDatabaseUsersArgs, opts?: InvokeOptions): Promise<GetDatabaseUsersResult>
function getDatabaseUsersOutput(args: GetDatabaseUsersOutputArgs, opts?: InvokeOptions): Output<GetDatabaseUsersResult>
def get_database_users(project_id: Optional[str] = None,
                       opts: Optional[InvokeOptions] = None) -> GetDatabaseUsersResult
def get_database_users_output(project_id: Optional[pulumi.Input[str]] = None,
                       opts: Optional[InvokeOptions] = None) -> Output[GetDatabaseUsersResult]
func LookupDatabaseUsers(ctx *Context, args *LookupDatabaseUsersArgs, opts ...InvokeOption) (*LookupDatabaseUsersResult, error)
func LookupDatabaseUsersOutput(ctx *Context, args *LookupDatabaseUsersOutputArgs, opts ...InvokeOption) LookupDatabaseUsersResultOutput

> Note: This function is named LookupDatabaseUsers in the Go SDK.

public static class GetDatabaseUsers 
{
    public static Task<GetDatabaseUsersResult> InvokeAsync(GetDatabaseUsersArgs args, InvokeOptions? opts = null)
    public static Output<GetDatabaseUsersResult> Invoke(GetDatabaseUsersInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetDatabaseUsersResult> getDatabaseUsers(GetDatabaseUsersArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
Fn::Invoke:
  Function: mongodbatlas:index/getDatabaseUsers:getDatabaseUsers
  Arguments:
    # Arguments dictionary

The following arguments are supported:

ProjectId string

The unique ID for the project to get all database users.

ProjectId string

The unique ID for the project to get all database users.

projectId String

The unique ID for the project to get all database users.

projectId string

The unique ID for the project to get all database users.

project_id str

The unique ID for the project to get all database users.

projectId String

The unique ID for the project to get all database users.

getDatabaseUsers Result

The following output properties are available:

Id string

The provider-assigned unique ID for this managed resource.

ProjectId string

ID of the Atlas project the user belongs to.

Results List<GetDatabaseUsersResult>

A list where each represents a Database user.

Id string

The provider-assigned unique ID for this managed resource.

ProjectId string

ID of the Atlas project the user belongs to.

Results []GetDatabaseUsersResult

A list where each represents a Database user.

id String

The provider-assigned unique ID for this managed resource.

projectId String

ID of the Atlas project the user belongs to.

results ListDatabaseUsersResult>

A list where each represents a Database user.

id string

The provider-assigned unique ID for this managed resource.

projectId string

ID of the Atlas project the user belongs to.

results GetDatabaseUsersResult[]

A list where each represents a Database user.

id str

The provider-assigned unique ID for this managed resource.

project_id str

ID of the Atlas project the user belongs to.

results Sequence[GetDatabaseUsersResult]

A list where each represents a Database user.

id String

The provider-assigned unique ID for this managed resource.

projectId String

ID of the Atlas project the user belongs to.

results List

A list where each represents a Database user.

Supporting Types

GetDatabaseUsersResult

AuthDatabaseName string

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include:

  • admin if x509_type and aws_iam_type and ldap_auth_type are omitted or NONE.
  • $external if:
  • x509_type is MANAGED or CUSTOMER, or
  • aws_iam_type is USER or ROLE.
AwsIamType string

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

Labels List<GetDatabaseUsersResultLabel>
LdapAuthType string

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

ProjectId string

The unique ID for the project to get all database users.

Roles List<GetDatabaseUsersResultRole>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

Scopes List<GetDatabaseUsersResultScope>

Array of clusters and Atlas Data Lakes that this user has access to.

Username string

Username for authenticating to MongoDB.

X509Type string

X.509 method by which the provided username is authenticated.

AuthDatabaseName string

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include:

  • admin if x509_type and aws_iam_type and ldap_auth_type are omitted or NONE.
  • $external if:
  • x509_type is MANAGED or CUSTOMER, or
  • aws_iam_type is USER or ROLE.
AwsIamType string

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

Labels []GetDatabaseUsersResultLabel
LdapAuthType string

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

ProjectId string

The unique ID for the project to get all database users.

Roles []GetDatabaseUsersResultRole

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

Scopes []GetDatabaseUsersResultScope

Array of clusters and Atlas Data Lakes that this user has access to.

Username string

Username for authenticating to MongoDB.

X509Type string

X.509 method by which the provided username is authenticated.

authDatabaseName String

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include:

  • admin if x509_type and aws_iam_type and ldap_auth_type are omitted or NONE.
  • $external if:
  • x509_type is MANAGED or CUSTOMER, or
  • aws_iam_type is USER or ROLE.
awsIamType String

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

labels ListDatabaseUsersResultLabel>
ldapAuthType String

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

projectId String

The unique ID for the project to get all database users.

roles ListDatabaseUsersResultRole>

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes ListDatabaseUsersResultScope>

Array of clusters and Atlas Data Lakes that this user has access to.

username String

Username for authenticating to MongoDB.

x509Type String

X.509 method by which the provided username is authenticated.

authDatabaseName string

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include:

  • admin if x509_type and aws_iam_type and ldap_auth_type are omitted or NONE.
  • $external if:
  • x509_type is MANAGED or CUSTOMER, or
  • aws_iam_type is USER or ROLE.
awsIamType string

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

labels GetDatabaseUsersResultLabel[]
ldapAuthType string

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

projectId string

The unique ID for the project to get all database users.

roles GetDatabaseUsersResultRole[]

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes GetDatabaseUsersResultScope[]

Array of clusters and Atlas Data Lakes that this user has access to.

username string

Username for authenticating to MongoDB.

x509Type string

X.509 method by which the provided username is authenticated.

auth_database_name str

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include:

  • admin if x509_type and aws_iam_type and ldap_auth_type are omitted or NONE.
  • $external if:
  • x509_type is MANAGED or CUSTOMER, or
  • aws_iam_type is USER or ROLE.
aws_iam_type str

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

labels Sequence[GetDatabaseUsersResultLabel]
ldap_auth_type str

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

project_id str

The unique ID for the project to get all database users.

roles Sequence[GetDatabaseUsersResultRole]

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes Sequence[GetDatabaseUsersResultScope]

Array of clusters and Atlas Data Lakes that this user has access to.

username str

Username for authenticating to MongoDB.

x509_type str

X.509 method by which the provided username is authenticated.

authDatabaseName String

(Required) Database against which Atlas authenticates the user. A user must provide both a username and authentication database to log into MongoDB. Possible values include:

  • admin if x509_type and aws_iam_type and ldap_auth_type are omitted or NONE.
  • $external if:
  • x509_type is MANAGED or CUSTOMER, or
  • aws_iam_type is USER or ROLE.
awsIamType String

The new database user authenticates with AWS IAM credentials. Default is NONE, USER means user has AWS IAM user credentials, ROLE - means user has credentials associated with an AWS IAM role.

labels List
ldapAuthType String

Method by which the provided username is authenticated. Default is NONE. Other valid values are: USER, GROUP.

projectId String

The unique ID for the project to get all database users.

roles List

List of user’s roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. See Roles below for more details.

scopes List

Array of clusters and Atlas Data Lakes that this user has access to.

username String

Username for authenticating to MongoDB.

x509Type String

X.509 method by which the provided username is authenticated.

GetDatabaseUsersResultLabel

Key string

The key that you want to write.

Value string

The value that you want to write.

Key string

The key that you want to write.

Value string

The value that you want to write.

key String

The key that you want to write.

value String

The value that you want to write.

key string

The key that you want to write.

value string

The value that you want to write.

key str

The key that you want to write.

value str

The value that you want to write.

key String

The key that you want to write.

value String

The value that you want to write.

GetDatabaseUsersResultRole

CollectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

RoleName string
CollectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

DatabaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

RoleName string
collectionName String

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

roleName String
collectionName string

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

databaseName string

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

roleName string
collection_name str

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

database_name str

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

role_name str
collectionName String

Collection for which the role applies. You can specify a collection for the read and readWrite roles. If you do not specify a collection for read and readWrite, the role applies to all collections in the database (excluding some collections in the system. database).

databaseName String

Database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases.

roleName String

GetDatabaseUsersResultScope

Name string

Name of the role to grant.

Type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

Name string

Name of the role to grant.

Type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name String

Name of the role to grant.

type String

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name string

Name of the role to grant.

type string

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name str

Name of the role to grant.

type str

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

name String

Name of the role to grant.

type String

Type of resource that the user has access to. Valid values are: CLUSTER and DATA_LAKE

Package Details

Repository
https://github.com/pulumi/pulumi-mongodbatlas
License
Apache-2.0
Notes

This Pulumi package is based on the mongodbatlas Terraform Provider.