Viewing docs for MongoDB Atlas v4.5.0
published on Thursday, Mar 12, 2026 by Pulumi
published on Thursday, Mar 12, 2026 by Pulumi
Viewing docs for MongoDB Atlas v4.5.0
published on Thursday, Mar 12, 2026 by Pulumi
published on Thursday, Mar 12, 2026 by Pulumi
mongodbatlas.getServiceAccountAccessListEntries returns all Access List entries for the specified Service Account.
IMPORTANT: When you remove an entry from the access list, existing connections from the removed address(es) may remain open for a variable amount of time. How much time passes before Atlas closes the connection depends on several factors, including how the connection was established, the particular behavior of the application or driver using the address, and the connection protocol (e.g., TCP or UDP). This is particularly important to consider when changing an existing IP address or CIDR block as they cannot be updated via the Provider, hence a change will force the destruction and recreation of entries.
IMPORTANT WARNING: Managing Service Accounts with Terraform exposes sensitive organizational secrets in Terraform’s state. We suggest following Terraform’s best practices.
Example Usage
S
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";
const thisServiceAccount = new mongodbatlas.ServiceAccount("this", {
orgId: orgId,
name: "example-service-account",
description: "Example Service Account",
roles: ["ORG_READ_ONLY"],
secretExpiresAfterHours: 2160,
});
// Add IP Access List Entry to Service Account using CIDR Block
const cidr = new mongodbatlas.ServiceAccountAccessListEntry("cidr", {
orgId: orgId,
clientId: thisServiceAccount.clientId,
cidrBlock: "1.2.3.4/32",
});
// Add IP Access List Entry to Service Account using IP Address
const ip = new mongodbatlas.ServiceAccountAccessListEntry("ip", {
orgId: orgId,
clientId: thisServiceAccount.clientId,
ipAddress: "2.3.4.5",
});
// Data source to read a single Access List entry for the Service Account
const _this = mongodbatlas.getServiceAccountAccessListEntryOutput({
orgId: cidr.orgId,
clientId: cidr.clientId,
cidrBlock: cidr.cidrBlock,
});
export const accessListEntryCidrBlock = _this.apply(_this => _this.cidrBlock);
// Data source to read all Access List entries for the Service Account
const thisGetServiceAccountAccessListEntries = mongodbatlas.getServiceAccountAccessListEntriesOutput({
orgId: thisServiceAccount.orgId,
clientId: thisServiceAccount.clientId,
});
export const allAccessListEntries = thisGetServiceAccountAccessListEntries.apply(thisGetServiceAccountAccessListEntries => thisGetServiceAccountAccessListEntries.results);
import pulumi
import pulumi_mongodbatlas as mongodbatlas
this_service_account = mongodbatlas.ServiceAccount("this",
org_id=org_id,
name="example-service-account",
description="Example Service Account",
roles=["ORG_READ_ONLY"],
secret_expires_after_hours=2160)
# Add IP Access List Entry to Service Account using CIDR Block
cidr = mongodbatlas.ServiceAccountAccessListEntry("cidr",
org_id=org_id,
client_id=this_service_account.client_id,
cidr_block="1.2.3.4/32")
# Add IP Access List Entry to Service Account using IP Address
ip = mongodbatlas.ServiceAccountAccessListEntry("ip",
org_id=org_id,
client_id=this_service_account.client_id,
ip_address="2.3.4.5")
# Data source to read a single Access List entry for the Service Account
this = mongodbatlas.get_service_account_access_list_entry_output(org_id=cidr.org_id,
client_id=cidr.client_id,
cidr_block=cidr.cidr_block)
pulumi.export("accessListEntryCidrBlock", this.cidr_block)
# Data source to read all Access List entries for the Service Account
this_get_service_account_access_list_entries = mongodbatlas.get_service_account_access_list_entries_output(org_id=this_service_account.org_id,
client_id=this_service_account.client_id)
pulumi.export("allAccessListEntries", this_get_service_account_access_list_entries.results)
package main
import (
"github.com/pulumi/pulumi-mongodbatlas/sdk/v4/go/mongodbatlas"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
thisServiceAccount, err := mongodbatlas.NewServiceAccount(ctx, "this", &mongodbatlas.ServiceAccountArgs{
OrgId: pulumi.Any(orgId),
Name: pulumi.String("example-service-account"),
Description: pulumi.String("Example Service Account"),
Roles: pulumi.StringArray{
pulumi.String("ORG_READ_ONLY"),
},
SecretExpiresAfterHours: pulumi.Int(2160),
})
if err != nil {
return err
}
// Add IP Access List Entry to Service Account using CIDR Block
cidr, err := mongodbatlas.NewServiceAccountAccessListEntry(ctx, "cidr", &mongodbatlas.ServiceAccountAccessListEntryArgs{
OrgId: pulumi.Any(orgId),
ClientId: thisServiceAccount.ClientId,
CidrBlock: pulumi.String("1.2.3.4/32"),
})
if err != nil {
return err
}
// Add IP Access List Entry to Service Account using IP Address
_, err = mongodbatlas.NewServiceAccountAccessListEntry(ctx, "ip", &mongodbatlas.ServiceAccountAccessListEntryArgs{
OrgId: pulumi.Any(orgId),
ClientId: thisServiceAccount.ClientId,
IpAddress: pulumi.String("2.3.4.5"),
})
if err != nil {
return err
}
// Data source to read a single Access List entry for the Service Account
this := mongodbatlas.LookupServiceAccountAccessListEntryOutput(ctx, mongodbatlas.GetServiceAccountAccessListEntryOutputArgs{
OrgId: cidr.OrgId,
ClientId: cidr.ClientId,
CidrBlock: cidr.CidrBlock,
}, nil)
ctx.Export("accessListEntryCidrBlock", this.ApplyT(func(this mongodbatlas.GetServiceAccountAccessListEntryResult) (*string, error) {
return &this.CidrBlock, nil
}).(pulumi.StringPtrOutput))
// Data source to read all Access List entries for the Service Account
thisGetServiceAccountAccessListEntries := mongodbatlas.LookupServiceAccountAccessListEntriesOutput(ctx, mongodbatlas.GetServiceAccountAccessListEntriesOutputArgs{
OrgId: thisServiceAccount.OrgId,
ClientId: thisServiceAccount.ClientId,
}, nil)
ctx.Export("allAccessListEntries", thisGetServiceAccountAccessListEntries.ApplyT(func(thisGetServiceAccountAccessListEntries mongodbatlas.GetServiceAccountAccessListEntriesResult) ([]mongodbatlas.GetServiceAccountAccessListEntriesResult, error) {
return []mongodbatlas.GetServiceAccountAccessListEntriesResult(thisGetServiceAccountAccessListEntries.Results), nil
}).([]mongodbatlas.GetServiceAccountAccessListEntriesResultOutput))
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;
return await Deployment.RunAsync(() =>
{
var thisServiceAccount = new Mongodbatlas.ServiceAccount("this", new()
{
OrgId = orgId,
Name = "example-service-account",
Description = "Example Service Account",
Roles = new[]
{
"ORG_READ_ONLY",
},
SecretExpiresAfterHours = 2160,
});
// Add IP Access List Entry to Service Account using CIDR Block
var cidr = new Mongodbatlas.ServiceAccountAccessListEntry("cidr", new()
{
OrgId = orgId,
ClientId = thisServiceAccount.ClientId,
CidrBlock = "1.2.3.4/32",
});
// Add IP Access List Entry to Service Account using IP Address
var ip = new Mongodbatlas.ServiceAccountAccessListEntry("ip", new()
{
OrgId = orgId,
ClientId = thisServiceAccount.ClientId,
IpAddress = "2.3.4.5",
});
// Data source to read a single Access List entry for the Service Account
var @this = Mongodbatlas.GetServiceAccountAccessListEntry.Invoke(new()
{
OrgId = cidr.OrgId,
ClientId = cidr.ClientId,
CidrBlock = cidr.CidrBlock,
});
// Data source to read all Access List entries for the Service Account
var thisGetServiceAccountAccessListEntries = Mongodbatlas.GetServiceAccountAccessListEntries.Invoke(new()
{
OrgId = thisServiceAccount.OrgId,
ClientId = thisServiceAccount.ClientId,
});
return new Dictionary<string, object?>
{
["accessListEntryCidrBlock"] = @this.Apply(@this => @this.Apply(getServiceAccountAccessListEntryResult => getServiceAccountAccessListEntryResult.CidrBlock)),
["allAccessListEntries"] = thisGetServiceAccountAccessListEntries.Apply(getServiceAccountAccessListEntriesResult => getServiceAccountAccessListEntriesResult.Results),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.ServiceAccount;
import com.pulumi.mongodbatlas.ServiceAccountArgs;
import com.pulumi.mongodbatlas.ServiceAccountAccessListEntry;
import com.pulumi.mongodbatlas.ServiceAccountAccessListEntryArgs;
import com.pulumi.mongodbatlas.MongodbatlasFunctions;
import com.pulumi.mongodbatlas.inputs.GetServiceAccountAccessListEntryArgs;
import com.pulumi.mongodbatlas.inputs.GetServiceAccountAccessListEntriesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var thisServiceAccount = new ServiceAccount("thisServiceAccount", ServiceAccountArgs.builder()
.orgId(orgId)
.name("example-service-account")
.description("Example Service Account")
.roles("ORG_READ_ONLY")
.secretExpiresAfterHours(2160)
.build());
// Add IP Access List Entry to Service Account using CIDR Block
var cidr = new ServiceAccountAccessListEntry("cidr", ServiceAccountAccessListEntryArgs.builder()
.orgId(orgId)
.clientId(thisServiceAccount.clientId())
.cidrBlock("1.2.3.4/32")
.build());
// Add IP Access List Entry to Service Account using IP Address
var ip = new ServiceAccountAccessListEntry("ip", ServiceAccountAccessListEntryArgs.builder()
.orgId(orgId)
.clientId(thisServiceAccount.clientId())
.ipAddress("2.3.4.5")
.build());
// Data source to read a single Access List entry for the Service Account
final var this = MongodbatlasFunctions.getServiceAccountAccessListEntry(GetServiceAccountAccessListEntryArgs.builder()
.orgId(cidr.orgId())
.clientId(cidr.clientId())
.cidrBlock(cidr.cidrBlock())
.build());
ctx.export("accessListEntryCidrBlock", this_.applyValue(_this_ -> _this_.cidrBlock()));
// Data source to read all Access List entries for the Service Account
final var thisGetServiceAccountAccessListEntries = MongodbatlasFunctions.getServiceAccountAccessListEntries(GetServiceAccountAccessListEntriesArgs.builder()
.orgId(thisServiceAccount.orgId())
.clientId(thisServiceAccount.clientId())
.build());
ctx.export("allAccessListEntries", thisGetServiceAccountAccessListEntries.applyValue(_thisGetServiceAccountAccessListEntries -> _thisGetServiceAccountAccessListEntries.results()));
}
}
resources:
thisServiceAccount:
type: mongodbatlas:ServiceAccount
name: this
properties:
orgId: ${orgId}
name: example-service-account
description: Example Service Account
roles:
- ORG_READ_ONLY
secretExpiresAfterHours: 2160 # 90 days
# Add IP Access List Entry to Service Account using CIDR Block
cidr:
type: mongodbatlas:ServiceAccountAccessListEntry
properties:
orgId: ${orgId}
clientId: ${thisServiceAccount.clientId}
cidrBlock: 1.2.3.4/32
# Add IP Access List Entry to Service Account using IP Address
ip:
type: mongodbatlas:ServiceAccountAccessListEntry
properties:
orgId: ${orgId}
clientId: ${thisServiceAccount.clientId}
ipAddress: 2.3.4.5
variables:
# Data source to read a single Access List entry for the Service Account
this:
fn::invoke:
function: mongodbatlas:getServiceAccountAccessListEntry
arguments:
orgId: ${cidr.orgId}
clientId: ${cidr.clientId}
cidrBlock: ${cidr.cidrBlock}
# Data source to read all Access List entries for the Service Account
thisGetServiceAccountAccessListEntries:
fn::invoke:
function: mongodbatlas:getServiceAccountAccessListEntries
arguments:
orgId: ${thisServiceAccount.orgId}
clientId: ${thisServiceAccount.clientId}
outputs:
accessListEntryCidrBlock: ${this.cidrBlock}
allAccessListEntries: ${thisGetServiceAccountAccessListEntries.results}
Using getServiceAccountAccessListEntries
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getServiceAccountAccessListEntries(args: GetServiceAccountAccessListEntriesArgs, opts?: InvokeOptions): Promise<GetServiceAccountAccessListEntriesResult>
function getServiceAccountAccessListEntriesOutput(args: GetServiceAccountAccessListEntriesOutputArgs, opts?: InvokeOptions): Output<GetServiceAccountAccessListEntriesResult>def get_service_account_access_list_entries(client_id: Optional[str] = None,
org_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetServiceAccountAccessListEntriesResult
def get_service_account_access_list_entries_output(client_id: Optional[pulumi.Input[str]] = None,
org_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetServiceAccountAccessListEntriesResult]func LookupServiceAccountAccessListEntries(ctx *Context, args *LookupServiceAccountAccessListEntriesArgs, opts ...InvokeOption) (*LookupServiceAccountAccessListEntriesResult, error)
func LookupServiceAccountAccessListEntriesOutput(ctx *Context, args *LookupServiceAccountAccessListEntriesOutputArgs, opts ...InvokeOption) LookupServiceAccountAccessListEntriesResultOutput> Note: This function is named LookupServiceAccountAccessListEntries in the Go SDK.
public static class GetServiceAccountAccessListEntries
{
public static Task<GetServiceAccountAccessListEntriesResult> InvokeAsync(GetServiceAccountAccessListEntriesArgs args, InvokeOptions? opts = null)
public static Output<GetServiceAccountAccessListEntriesResult> Invoke(GetServiceAccountAccessListEntriesInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetServiceAccountAccessListEntriesResult> getServiceAccountAccessListEntries(GetServiceAccountAccessListEntriesArgs args, InvokeOptions options)
public static Output<GetServiceAccountAccessListEntriesResult> getServiceAccountAccessListEntries(GetServiceAccountAccessListEntriesArgs args, InvokeOptions options)
fn::invoke:
function: mongodbatlas:index/getServiceAccountAccessListEntries:getServiceAccountAccessListEntries
arguments:
# arguments dictionaryThe following arguments are supported:
getServiceAccountAccessListEntries Result
The following output properties are available:
- Client
Id string - The Client ID of the Service Account.
- Id string
- The provider-assigned unique ID for this managed resource.
- Org
Id string - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- Results
List<Get
Service Account Access List Entries Result> - List of documents that MongoDB Cloud returns for this request.
- Client
Id string - The Client ID of the Service Account.
- Id string
- The provider-assigned unique ID for this managed resource.
- Org
Id string - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- Results
[]Get
Service Account Access List Entries Result - List of documents that MongoDB Cloud returns for this request.
- client
Id String - The Client ID of the Service Account.
- id String
- The provider-assigned unique ID for this managed resource.
- org
Id String - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- results
List<Get
Service Account Access List Entries Result> - List of documents that MongoDB Cloud returns for this request.
- client
Id string - The Client ID of the Service Account.
- id string
- The provider-assigned unique ID for this managed resource.
- org
Id string - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- results
Get
Service Account Access List Entries Result[] - List of documents that MongoDB Cloud returns for this request.
- client_
id str - The Client ID of the Service Account.
- id str
- The provider-assigned unique ID for this managed resource.
- org_
id str - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- results
Sequence[Get
Service Account Access List Entries Result] - List of documents that MongoDB Cloud returns for this request.
- client
Id String - The Client ID of the Service Account.
- id String
- The provider-assigned unique ID for this managed resource.
- org
Id String - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- results List<Property Map>
- List of documents that MongoDB Cloud returns for this request.
Supporting Types
GetServiceAccountAccessListEntriesResult
- Cidr
Block string - Range of IP addresses in CIDR notation to be added to the access list. You can set a value for this parameter or ip_address, but not for both.
- Client
Id string - The Client ID of the Service Account.
- Created
At string - Date the entry was added to the access list. This attribute expresses its value in the ISO 8601 timestamp format in UTC.
- Ip
Address string - IP address to be added to the access list. You can set a value for this parameter or cidr_block, but not for both.
- Last
Used stringAddress - Network address that issued the most recent request to the API.
- Last
Used stringAt - Date when the API received the most recent request that originated from this network address.
- Org
Id string - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- Request
Count int - The number of requests that has originated from this network address.
- Cidr
Block string - Range of IP addresses in CIDR notation to be added to the access list. You can set a value for this parameter or ip_address, but not for both.
- Client
Id string - The Client ID of the Service Account.
- Created
At string - Date the entry was added to the access list. This attribute expresses its value in the ISO 8601 timestamp format in UTC.
- Ip
Address string - IP address to be added to the access list. You can set a value for this parameter or cidr_block, but not for both.
- Last
Used stringAddress - Network address that issued the most recent request to the API.
- Last
Used stringAt - Date when the API received the most recent request that originated from this network address.
- Org
Id string - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- Request
Count int - The number of requests that has originated from this network address.
- cidr
Block String - Range of IP addresses in CIDR notation to be added to the access list. You can set a value for this parameter or ip_address, but not for both.
- client
Id String - The Client ID of the Service Account.
- created
At String - Date the entry was added to the access list. This attribute expresses its value in the ISO 8601 timestamp format in UTC.
- ip
Address String - IP address to be added to the access list. You can set a value for this parameter or cidr_block, but not for both.
- last
Used StringAddress - Network address that issued the most recent request to the API.
- last
Used StringAt - Date when the API received the most recent request that originated from this network address.
- org
Id String - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- request
Count Integer - The number of requests that has originated from this network address.
- cidr
Block string - Range of IP addresses in CIDR notation to be added to the access list. You can set a value for this parameter or ip_address, but not for both.
- client
Id string - The Client ID of the Service Account.
- created
At string - Date the entry was added to the access list. This attribute expresses its value in the ISO 8601 timestamp format in UTC.
- ip
Address string - IP address to be added to the access list. You can set a value for this parameter or cidr_block, but not for both.
- last
Used stringAddress - Network address that issued the most recent request to the API.
- last
Used stringAt - Date when the API received the most recent request that originated from this network address.
- org
Id string - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- request
Count number - The number of requests that has originated from this network address.
- cidr_
block str - Range of IP addresses in CIDR notation to be added to the access list. You can set a value for this parameter or ip_address, but not for both.
- client_
id str - The Client ID of the Service Account.
- created_
at str - Date the entry was added to the access list. This attribute expresses its value in the ISO 8601 timestamp format in UTC.
- ip_
address str - IP address to be added to the access list. You can set a value for this parameter or cidr_block, but not for both.
- last_
used_ straddress - Network address that issued the most recent request to the API.
- last_
used_ strat - Date when the API received the most recent request that originated from this network address.
- org_
id str - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- request_
count int - The number of requests that has originated from this network address.
- cidr
Block String - Range of IP addresses in CIDR notation to be added to the access list. You can set a value for this parameter or ip_address, but not for both.
- client
Id String - The Client ID of the Service Account.
- created
At String - Date the entry was added to the access list. This attribute expresses its value in the ISO 8601 timestamp format in UTC.
- ip
Address String - IP address to be added to the access list. You can set a value for this parameter or cidr_block, but not for both.
- last
Used StringAddress - Network address that issued the most recent request to the API.
- last
Used StringAt - Date when the API received the most recent request that originated from this network address.
- org
Id String - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- request
Count Number - The number of requests that has originated from this network address.
Package Details
- Repository
- MongoDB Atlas pulumi/pulumi-mongodbatlas
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
mongodbatlasTerraform Provider.
Viewing docs for MongoDB Atlas v4.5.0
published on Thursday, Mar 12, 2026 by Pulumi
published on Thursday, Mar 12, 2026 by Pulumi
