MongoDB Atlas v4.2.0 published on Friday, Jan 23, 2026 by Pulumi
MongoDB Atlas v4.2.0 published on Friday, Jan 23, 2026 by Pulumi
Example Usage
S
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";
const thisServiceAccount = new mongodbatlas.ServiceAccount("this", {
orgId: orgId,
name: "example-service-account",
description: "Example Service Account",
roles: ["ORG_READ_ONLY"],
secretExpiresAfterHours: 2160,
});
const thisServiceAccountSecret = new mongodbatlas.ServiceAccountSecret("this", {
orgId: orgId,
clientId: thisServiceAccount.clientId,
secretExpiresAfterHours: 2160,
});
const _this = pulumi.all([thisServiceAccount.clientId, thisServiceAccountSecret.secretId]).apply(([clientId, secretId]) => mongodbatlas.getServiceAccountSecretOutput({
orgId: orgId,
clientId: clientId,
secretId: secretId,
}));
export const secretId = thisServiceAccountSecret.secretId;
export const secret = thisServiceAccountSecret.secret;
export const secretExpiresAt = _this.apply(_this => _this.expiresAt);
import pulumi
import pulumi_mongodbatlas as mongodbatlas
this_service_account = mongodbatlas.ServiceAccount("this",
org_id=org_id,
name="example-service-account",
description="Example Service Account",
roles=["ORG_READ_ONLY"],
secret_expires_after_hours=2160)
this_service_account_secret = mongodbatlas.ServiceAccountSecret("this",
org_id=org_id,
client_id=this_service_account.client_id,
secret_expires_after_hours=2160)
this = pulumi.Output.all(
client_id=this_service_account.client_id,
secret_id=this_service_account_secret.secret_id
).apply(lambda resolved_outputs: mongodbatlas.get_service_account_secret_output(org_id=org_id,
client_id=resolved_outputs['client_id'],
secret_id=resolved_outputs['secret_id']))
pulumi.export("secretId", this_service_account_secret.secret_id)
pulumi.export("secret", this_service_account_secret.secret)
pulumi.export("secretExpiresAt", this.expires_at)
package main
import (
"github.com/pulumi/pulumi-mongodbatlas/sdk/v4/go/mongodbatlas"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
thisServiceAccount, err := mongodbatlas.NewServiceAccount(ctx, "this", &mongodbatlas.ServiceAccountArgs{
OrgId: pulumi.Any(orgId),
Name: pulumi.String("example-service-account"),
Description: pulumi.String("Example Service Account"),
Roles: pulumi.StringArray{
pulumi.String("ORG_READ_ONLY"),
},
SecretExpiresAfterHours: pulumi.Int(2160),
})
if err != nil {
return err
}
thisServiceAccountSecret, err := mongodbatlas.NewServiceAccountSecret(ctx, "this", &mongodbatlas.ServiceAccountSecretArgs{
OrgId: pulumi.Any(orgId),
ClientId: thisServiceAccount.ClientId,
SecretExpiresAfterHours: pulumi.Int(2160),
})
if err != nil {
return err
}
this := pulumi.All(thisServiceAccount.ClientId, thisServiceAccountSecret.SecretId).ApplyT(func(_args []interface{}) (mongodbatlas.GetServiceAccountSecretResult, error) {
clientId := _args[0].(string)
secretId := _args[1].(string)
return mongodbatlas.GetServiceAccountSecretResult(interface{}(mongodbatlas.LookupServiceAccountSecret(ctx, &mongodbatlas.LookupServiceAccountSecretArgs{
OrgId: orgId,
ClientId: clientId,
SecretId: secretId,
}, nil))), nil
}).(mongodbatlas.GetServiceAccountSecretResultOutput)
ctx.Export("secretId", thisServiceAccountSecret.SecretId)
ctx.Export("secret", thisServiceAccountSecret.Secret)
ctx.Export("secretExpiresAt", this.ApplyT(func(this mongodbatlas.GetServiceAccountSecretResult) (*string, error) {
return &this.ExpiresAt, nil
}).(pulumi.StringPtrOutput))
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;
return await Deployment.RunAsync(() =>
{
var thisServiceAccount = new Mongodbatlas.ServiceAccount("this", new()
{
OrgId = orgId,
Name = "example-service-account",
Description = "Example Service Account",
Roles = new[]
{
"ORG_READ_ONLY",
},
SecretExpiresAfterHours = 2160,
});
var thisServiceAccountSecret = new Mongodbatlas.ServiceAccountSecret("this", new()
{
OrgId = orgId,
ClientId = thisServiceAccount.ClientId,
SecretExpiresAfterHours = 2160,
});
var @this = Mongodbatlas.GetServiceAccountSecret.Invoke(new()
{
OrgId = orgId,
ClientId = thisServiceAccount.ClientId,
SecretId = thisServiceAccountSecret.SecretId,
});
return new Dictionary<string, object?>
{
["secretId"] = thisServiceAccountSecret.SecretId,
["secret"] = thisServiceAccountSecret.Secret,
["secretExpiresAt"] = @this.Apply(@this => @this.Apply(getServiceAccountSecretResult => getServiceAccountSecretResult.ExpiresAt)),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.ServiceAccount;
import com.pulumi.mongodbatlas.ServiceAccountArgs;
import com.pulumi.mongodbatlas.ServiceAccountSecret;
import com.pulumi.mongodbatlas.ServiceAccountSecretArgs;
import com.pulumi.mongodbatlas.MongodbatlasFunctions;
import com.pulumi.mongodbatlas.inputs.GetServiceAccountSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var thisServiceAccount = new ServiceAccount("thisServiceAccount", ServiceAccountArgs.builder()
.orgId(orgId)
.name("example-service-account")
.description("Example Service Account")
.roles("ORG_READ_ONLY")
.secretExpiresAfterHours(2160)
.build());
var thisServiceAccountSecret = new ServiceAccountSecret("thisServiceAccountSecret", ServiceAccountSecretArgs.builder()
.orgId(orgId)
.clientId(thisServiceAccount.clientId())
.secretExpiresAfterHours(2160)
.build());
final var this = Output.tuple(thisServiceAccount.clientId(), thisServiceAccountSecret.secretId()).applyValue(values -> {
var clientId = values.t1;
var secretId = values.t2;
return MongodbatlasFunctions.getServiceAccountSecret(GetServiceAccountSecretArgs.builder()
.orgId(orgId)
.clientId(clientId)
.secretId(secretId)
.build());
});
ctx.export("secretId", thisServiceAccountSecret.secretId());
ctx.export("secret", thisServiceAccountSecret.secret());
ctx.export("secretExpiresAt", this_.applyValue(_this_ -> _this_.expiresAt()));
}
}
resources:
thisServiceAccount:
type: mongodbatlas:ServiceAccount
name: this
properties:
orgId: ${orgId}
name: example-service-account
description: Example Service Account
roles:
- ORG_READ_ONLY
secretExpiresAfterHours: 2160 # 90 days
thisServiceAccountSecret:
type: mongodbatlas:ServiceAccountSecret
name: this
properties:
orgId: ${orgId}
clientId: ${thisServiceAccount.clientId}
secretExpiresAfterHours: 2160 # 90 days
variables:
this:
fn::invoke:
function: mongodbatlas:getServiceAccountSecret
arguments:
orgId: ${orgId}
clientId: ${thisServiceAccount.clientId}
secretId: ${thisServiceAccountSecret.secretId}
outputs:
secretId: ${thisServiceAccountSecret.secretId}
secret: ${thisServiceAccountSecret.secret}
secretExpiresAt: ${this.expiresAt}
Using getServiceAccountSecret
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getServiceAccountSecret(args: GetServiceAccountSecretArgs, opts?: InvokeOptions): Promise<GetServiceAccountSecretResult>
function getServiceAccountSecretOutput(args: GetServiceAccountSecretOutputArgs, opts?: InvokeOptions): Output<GetServiceAccountSecretResult>def get_service_account_secret(client_id: Optional[str] = None,
org_id: Optional[str] = None,
secret_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetServiceAccountSecretResult
def get_service_account_secret_output(client_id: Optional[pulumi.Input[str]] = None,
org_id: Optional[pulumi.Input[str]] = None,
secret_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetServiceAccountSecretResult]func LookupServiceAccountSecret(ctx *Context, args *LookupServiceAccountSecretArgs, opts ...InvokeOption) (*LookupServiceAccountSecretResult, error)
func LookupServiceAccountSecretOutput(ctx *Context, args *LookupServiceAccountSecretOutputArgs, opts ...InvokeOption) LookupServiceAccountSecretResultOutput> Note: This function is named LookupServiceAccountSecret in the Go SDK.
public static class GetServiceAccountSecret
{
public static Task<GetServiceAccountSecretResult> InvokeAsync(GetServiceAccountSecretArgs args, InvokeOptions? opts = null)
public static Output<GetServiceAccountSecretResult> Invoke(GetServiceAccountSecretInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetServiceAccountSecretResult> getServiceAccountSecret(GetServiceAccountSecretArgs args, InvokeOptions options)
public static Output<GetServiceAccountSecretResult> getServiceAccountSecret(GetServiceAccountSecretArgs args, InvokeOptions options)
fn::invoke:
function: mongodbatlas:index/getServiceAccountSecret:getServiceAccountSecret
arguments:
# arguments dictionaryThe following arguments are supported:
getServiceAccountSecret Result
The following output properties are available:
- Client
Id string - The Client ID of the Service Account.
- Created
At string - The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- Expires
At string - The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- Id string
- The provider-assigned unique ID for this managed resource.
- Last
Used stringAt - The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- Masked
Secret stringValue - The masked Service Account secret.
- Org
Id string - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- Secret
Id string - Unique 24-hexadecimal digit string that identifies the secret.
- Client
Id string - The Client ID of the Service Account.
- Created
At string - The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- Expires
At string - The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- Id string
- The provider-assigned unique ID for this managed resource.
- Last
Used stringAt - The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- Masked
Secret stringValue - The masked Service Account secret.
- Org
Id string - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- Secret
Id string - Unique 24-hexadecimal digit string that identifies the secret.
- client
Id String - The Client ID of the Service Account.
- created
At String - The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- expires
At String - The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- id String
- The provider-assigned unique ID for this managed resource.
- last
Used StringAt - The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- masked
Secret StringValue - The masked Service Account secret.
- org
Id String - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- secret
Id String - Unique 24-hexadecimal digit string that identifies the secret.
- client
Id string - The Client ID of the Service Account.
- created
At string - The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- expires
At string - The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- id string
- The provider-assigned unique ID for this managed resource.
- last
Used stringAt - The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- masked
Secret stringValue - The masked Service Account secret.
- org
Id string - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- secret
Id string - Unique 24-hexadecimal digit string that identifies the secret.
- client_
id str - The Client ID of the Service Account.
- created_
at str - The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- expires_
at str - The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- id str
- The provider-assigned unique ID for this managed resource.
- last_
used_ strat - The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- masked_
secret_ strvalue - The masked Service Account secret.
- org_
id str - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- secret_
id str - Unique 24-hexadecimal digit string that identifies the secret.
- client
Id String - The Client ID of the Service Account.
- created
At String - The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- expires
At String - The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- id String
- The provider-assigned unique ID for this managed resource.
- last
Used StringAt - The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- masked
Secret StringValue - The masked Service Account secret.
- org
Id String - Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
- secret
Id String - Unique 24-hexadecimal digit string that identifies the secret.
Package Details
- Repository
- MongoDB Atlas pulumi/pulumi-mongodbatlas
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
mongodbatlasTerraform Provider.
MongoDB Atlas v4.2.0 published on Friday, Jan 23, 2026 by Pulumi
