1. Packages
  2. MongoDB Atlas
  3. API Docs
  4. LdapConfiguration
MongoDB Atlas v3.16.0 published on Wednesday, Jun 12, 2024 by Pulumi

mongodbatlas.LdapConfiguration

Explore with Pulumi AI

mongodbatlas logo
MongoDB Atlas v3.16.0 published on Wednesday, Jun 12, 2024 by Pulumi

    mongodbatlas.LdapConfiguration provides an LDAP Configuration resource. This allows an LDAP configuration for an Atlas project to be crated and managed. This endpoint doesn’t verify connectivity using the provided LDAP over TLS configuration details. To verify a configuration before saving it, use the resource to verify the LDAP configuration.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as mongodbatlas from "@pulumi/mongodbatlas";
    
    const test = new mongodbatlas.Project("test", {
        name: "NAME OF THE PROJECT",
        orgId: "ORG ID",
    });
    const testLdapConfiguration = new mongodbatlas.LdapConfiguration("test", {
        projectId: test.id,
        authenticationEnabled: true,
        hostname: "HOSTNAME",
        port: 636,
        bindUsername: "USERNAME",
        bindPassword: "PASSWORD",
    });
    
    import pulumi
    import pulumi_mongodbatlas as mongodbatlas
    
    test = mongodbatlas.Project("test",
        name="NAME OF THE PROJECT",
        org_id="ORG ID")
    test_ldap_configuration = mongodbatlas.LdapConfiguration("test",
        project_id=test.id,
        authentication_enabled=True,
        hostname="HOSTNAME",
        port=636,
        bind_username="USERNAME",
        bind_password="PASSWORD")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		test, err := mongodbatlas.NewProject(ctx, "test", &mongodbatlas.ProjectArgs{
    			Name:  pulumi.String("NAME OF THE PROJECT"),
    			OrgId: pulumi.String("ORG ID"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = mongodbatlas.NewLdapConfiguration(ctx, "test", &mongodbatlas.LdapConfigurationArgs{
    			ProjectId:             test.ID(),
    			AuthenticationEnabled: pulumi.Bool(true),
    			Hostname:              pulumi.String("HOSTNAME"),
    			Port:                  pulumi.Int(636),
    			BindUsername:          pulumi.String("USERNAME"),
    			BindPassword:          pulumi.String("PASSWORD"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Mongodbatlas = Pulumi.Mongodbatlas;
    
    return await Deployment.RunAsync(() => 
    {
        var test = new Mongodbatlas.Project("test", new()
        {
            Name = "NAME OF THE PROJECT",
            OrgId = "ORG ID",
        });
    
        var testLdapConfiguration = new Mongodbatlas.LdapConfiguration("test", new()
        {
            ProjectId = test.Id,
            AuthenticationEnabled = true,
            Hostname = "HOSTNAME",
            Port = 636,
            BindUsername = "USERNAME",
            BindPassword = "PASSWORD",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.mongodbatlas.Project;
    import com.pulumi.mongodbatlas.ProjectArgs;
    import com.pulumi.mongodbatlas.LdapConfiguration;
    import com.pulumi.mongodbatlas.LdapConfigurationArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var test = new Project("test", ProjectArgs.builder()
                .name("NAME OF THE PROJECT")
                .orgId("ORG ID")
                .build());
    
            var testLdapConfiguration = new LdapConfiguration("testLdapConfiguration", LdapConfigurationArgs.builder()
                .projectId(test.id())
                .authenticationEnabled(true)
                .hostname("HOSTNAME")
                .port(636)
                .bindUsername("USERNAME")
                .bindPassword("PASSWORD")
                .build());
    
        }
    }
    
    resources:
      test:
        type: mongodbatlas:Project
        properties:
          name: NAME OF THE PROJECT
          orgId: ORG ID
      testLdapConfiguration:
        type: mongodbatlas:LdapConfiguration
        name: test
        properties:
          projectId: ${test.id}
          authenticationEnabled: true
          hostname: HOSTNAME
          port: 636
          bindUsername: USERNAME
          bindPassword: PASSWORD
    

    LDAP With User To DN Mapping

    import * as pulumi from "@pulumi/pulumi";
    import * as mongodbatlas from "@pulumi/mongodbatlas";
    
    const test = new mongodbatlas.Project("test", {
        name: "NAME OF THE PROJECT",
        orgId: "ORG ID",
    });
    const testLdapConfiguration = new mongodbatlas.LdapConfiguration("test", {
        projectId: test.id,
        authenticationEnabled: true,
        hostname: "HOSTNAME",
        port: 636,
        bindUsername: "USERNAME",
        bindPassword: "PASSWORD",
        caCertificate: "CA CERTIFICATE",
        authzQueryTemplate: "{USER}?memberOf?base",
        userToDnMappings: [{
            match: "(.+)",
            ldapQuery: "DC=example,DC=com??sub?(userPrincipalName={0})",
        }],
    });
    
    import pulumi
    import pulumi_mongodbatlas as mongodbatlas
    
    test = mongodbatlas.Project("test",
        name="NAME OF THE PROJECT",
        org_id="ORG ID")
    test_ldap_configuration = mongodbatlas.LdapConfiguration("test",
        project_id=test.id,
        authentication_enabled=True,
        hostname="HOSTNAME",
        port=636,
        bind_username="USERNAME",
        bind_password="PASSWORD",
        ca_certificate="CA CERTIFICATE",
        authz_query_template="{USER}?memberOf?base",
        user_to_dn_mappings=[mongodbatlas.LdapConfigurationUserToDnMappingArgs(
            match="(.+)",
            ldap_query="DC=example,DC=com??sub?(userPrincipalName={0})",
        )])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		test, err := mongodbatlas.NewProject(ctx, "test", &mongodbatlas.ProjectArgs{
    			Name:  pulumi.String("NAME OF THE PROJECT"),
    			OrgId: pulumi.String("ORG ID"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = mongodbatlas.NewLdapConfiguration(ctx, "test", &mongodbatlas.LdapConfigurationArgs{
    			ProjectId:             test.ID(),
    			AuthenticationEnabled: pulumi.Bool(true),
    			Hostname:              pulumi.String("HOSTNAME"),
    			Port:                  pulumi.Int(636),
    			BindUsername:          pulumi.String("USERNAME"),
    			BindPassword:          pulumi.String("PASSWORD"),
    			CaCertificate:         pulumi.String("CA CERTIFICATE"),
    			AuthzQueryTemplate:    pulumi.String("{USER}?memberOf?base"),
    			UserToDnMappings: mongodbatlas.LdapConfigurationUserToDnMappingArray{
    				&mongodbatlas.LdapConfigurationUserToDnMappingArgs{
    					Match:     pulumi.String("(.+)"),
    					LdapQuery: pulumi.String("DC=example,DC=com??sub?(userPrincipalName={0})"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Mongodbatlas = Pulumi.Mongodbatlas;
    
    return await Deployment.RunAsync(() => 
    {
        var test = new Mongodbatlas.Project("test", new()
        {
            Name = "NAME OF THE PROJECT",
            OrgId = "ORG ID",
        });
    
        var testLdapConfiguration = new Mongodbatlas.LdapConfiguration("test", new()
        {
            ProjectId = test.Id,
            AuthenticationEnabled = true,
            Hostname = "HOSTNAME",
            Port = 636,
            BindUsername = "USERNAME",
            BindPassword = "PASSWORD",
            CaCertificate = "CA CERTIFICATE",
            AuthzQueryTemplate = "{USER}?memberOf?base",
            UserToDnMappings = new[]
            {
                new Mongodbatlas.Inputs.LdapConfigurationUserToDnMappingArgs
                {
                    Match = "(.+)",
                    LdapQuery = "DC=example,DC=com??sub?(userPrincipalName={0})",
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.mongodbatlas.Project;
    import com.pulumi.mongodbatlas.ProjectArgs;
    import com.pulumi.mongodbatlas.LdapConfiguration;
    import com.pulumi.mongodbatlas.LdapConfigurationArgs;
    import com.pulumi.mongodbatlas.inputs.LdapConfigurationUserToDnMappingArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var test = new Project("test", ProjectArgs.builder()
                .name("NAME OF THE PROJECT")
                .orgId("ORG ID")
                .build());
    
            var testLdapConfiguration = new LdapConfiguration("testLdapConfiguration", LdapConfigurationArgs.builder()
                .projectId(test.id())
                .authenticationEnabled(true)
                .hostname("HOSTNAME")
                .port(636)
                .bindUsername("USERNAME")
                .bindPassword("PASSWORD")
                .caCertificate("CA CERTIFICATE")
                .authzQueryTemplate("{USER}?memberOf?base")
                .userToDnMappings(LdapConfigurationUserToDnMappingArgs.builder()
                    .match("(.+)")
                    .ldapQuery("DC=example,DC=com??sub?(userPrincipalName={0})")
                    .build())
                .build());
    
        }
    }
    
    resources:
      test:
        type: mongodbatlas:Project
        properties:
          name: NAME OF THE PROJECT
          orgId: ORG ID
      testLdapConfiguration:
        type: mongodbatlas:LdapConfiguration
        name: test
        properties:
          projectId: ${test.id}
          authenticationEnabled: true
          hostname: HOSTNAME
          port: 636
          bindUsername: USERNAME
          bindPassword: PASSWORD
          caCertificate: CA CERTIFICATE
          authzQueryTemplate: '{USER}?memberOf?base'
          userToDnMappings:
            - match: (.+)
              ldapQuery: DC=example,DC=com??sub?(userPrincipalName={0})
    

    Create LdapConfiguration Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new LdapConfiguration(name: string, args: LdapConfigurationArgs, opts?: CustomResourceOptions);
    @overload
    def LdapConfiguration(resource_name: str,
                          args: LdapConfigurationArgs,
                          opts: Optional[ResourceOptions] = None)
    
    @overload
    def LdapConfiguration(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          authentication_enabled: Optional[bool] = None,
                          bind_password: Optional[str] = None,
                          bind_username: Optional[str] = None,
                          hostname: Optional[str] = None,
                          project_id: Optional[str] = None,
                          authorization_enabled: Optional[bool] = None,
                          authz_query_template: Optional[str] = None,
                          ca_certificate: Optional[str] = None,
                          port: Optional[int] = None,
                          user_to_dn_mappings: Optional[Sequence[LdapConfigurationUserToDnMappingArgs]] = None)
    func NewLdapConfiguration(ctx *Context, name string, args LdapConfigurationArgs, opts ...ResourceOption) (*LdapConfiguration, error)
    public LdapConfiguration(string name, LdapConfigurationArgs args, CustomResourceOptions? opts = null)
    public LdapConfiguration(String name, LdapConfigurationArgs args)
    public LdapConfiguration(String name, LdapConfigurationArgs args, CustomResourceOptions options)
    
    type: mongodbatlas:LdapConfiguration
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args LdapConfigurationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args LdapConfigurationArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args LdapConfigurationArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args LdapConfigurationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args LdapConfigurationArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var ldapConfigurationResource = new Mongodbatlas.LdapConfiguration("ldapConfigurationResource", new()
    {
        AuthenticationEnabled = false,
        BindPassword = "string",
        BindUsername = "string",
        Hostname = "string",
        ProjectId = "string",
        AuthorizationEnabled = false,
        AuthzQueryTemplate = "string",
        CaCertificate = "string",
        Port = 0,
        UserToDnMappings = new[]
        {
            new Mongodbatlas.Inputs.LdapConfigurationUserToDnMappingArgs
            {
                LdapQuery = "string",
                Match = "string",
                Substitution = "string",
            },
        },
    });
    
    example, err := mongodbatlas.NewLdapConfiguration(ctx, "ldapConfigurationResource", &mongodbatlas.LdapConfigurationArgs{
    	AuthenticationEnabled: pulumi.Bool(false),
    	BindPassword:          pulumi.String("string"),
    	BindUsername:          pulumi.String("string"),
    	Hostname:              pulumi.String("string"),
    	ProjectId:             pulumi.String("string"),
    	AuthorizationEnabled:  pulumi.Bool(false),
    	AuthzQueryTemplate:    pulumi.String("string"),
    	CaCertificate:         pulumi.String("string"),
    	Port:                  pulumi.Int(0),
    	UserToDnMappings: mongodbatlas.LdapConfigurationUserToDnMappingArray{
    		&mongodbatlas.LdapConfigurationUserToDnMappingArgs{
    			LdapQuery:    pulumi.String("string"),
    			Match:        pulumi.String("string"),
    			Substitution: pulumi.String("string"),
    		},
    	},
    })
    
    var ldapConfigurationResource = new LdapConfiguration("ldapConfigurationResource", LdapConfigurationArgs.builder()
        .authenticationEnabled(false)
        .bindPassword("string")
        .bindUsername("string")
        .hostname("string")
        .projectId("string")
        .authorizationEnabled(false)
        .authzQueryTemplate("string")
        .caCertificate("string")
        .port(0)
        .userToDnMappings(LdapConfigurationUserToDnMappingArgs.builder()
            .ldapQuery("string")
            .match("string")
            .substitution("string")
            .build())
        .build());
    
    ldap_configuration_resource = mongodbatlas.LdapConfiguration("ldapConfigurationResource",
        authentication_enabled=False,
        bind_password="string",
        bind_username="string",
        hostname="string",
        project_id="string",
        authorization_enabled=False,
        authz_query_template="string",
        ca_certificate="string",
        port=0,
        user_to_dn_mappings=[mongodbatlas.LdapConfigurationUserToDnMappingArgs(
            ldap_query="string",
            match="string",
            substitution="string",
        )])
    
    const ldapConfigurationResource = new mongodbatlas.LdapConfiguration("ldapConfigurationResource", {
        authenticationEnabled: false,
        bindPassword: "string",
        bindUsername: "string",
        hostname: "string",
        projectId: "string",
        authorizationEnabled: false,
        authzQueryTemplate: "string",
        caCertificate: "string",
        port: 0,
        userToDnMappings: [{
            ldapQuery: "string",
            match: "string",
            substitution: "string",
        }],
    });
    
    type: mongodbatlas:LdapConfiguration
    properties:
        authenticationEnabled: false
        authorizationEnabled: false
        authzQueryTemplate: string
        bindPassword: string
        bindUsername: string
        caCertificate: string
        hostname: string
        port: 0
        projectId: string
        userToDnMappings:
            - ldapQuery: string
              match: string
              substitution: string
    

    LdapConfiguration Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The LdapConfiguration resource accepts the following input properties:

    AuthenticationEnabled bool
    Specifies whether user authentication with LDAP is enabled.
    BindPassword string
    The password used to authenticate the bind_username.
    BindUsername string
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    Hostname string
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    ProjectId string
    The unique ID for the project to configure LDAP.
    AuthorizationEnabled bool
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    AuthzQueryTemplate string
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    CaCertificate string
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    Port int
    The port to which the LDAP server listens for client connections. Default: 636
    UserToDnMappings List<LdapConfigurationUserToDnMapping>
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    AuthenticationEnabled bool
    Specifies whether user authentication with LDAP is enabled.
    BindPassword string
    The password used to authenticate the bind_username.
    BindUsername string
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    Hostname string
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    ProjectId string
    The unique ID for the project to configure LDAP.
    AuthorizationEnabled bool
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    AuthzQueryTemplate string
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    CaCertificate string
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    Port int
    The port to which the LDAP server listens for client connections. Default: 636
    UserToDnMappings []LdapConfigurationUserToDnMappingArgs
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    authenticationEnabled Boolean
    Specifies whether user authentication with LDAP is enabled.
    bindPassword String
    The password used to authenticate the bind_username.
    bindUsername String
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    hostname String
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    projectId String
    The unique ID for the project to configure LDAP.
    authorizationEnabled Boolean
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    authzQueryTemplate String
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    caCertificate String
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    port Integer
    The port to which the LDAP server listens for client connections. Default: 636
    userToDnMappings List<LdapConfigurationUserToDnMapping>
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    authenticationEnabled boolean
    Specifies whether user authentication with LDAP is enabled.
    bindPassword string
    The password used to authenticate the bind_username.
    bindUsername string
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    hostname string
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    projectId string
    The unique ID for the project to configure LDAP.
    authorizationEnabled boolean
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    authzQueryTemplate string
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    caCertificate string
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    port number
    The port to which the LDAP server listens for client connections. Default: 636
    userToDnMappings LdapConfigurationUserToDnMapping[]
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    authentication_enabled bool
    Specifies whether user authentication with LDAP is enabled.
    bind_password str
    The password used to authenticate the bind_username.
    bind_username str
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    hostname str
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    project_id str
    The unique ID for the project to configure LDAP.
    authorization_enabled bool
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    authz_query_template str
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    ca_certificate str
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    port int
    The port to which the LDAP server listens for client connections. Default: 636
    user_to_dn_mappings Sequence[LdapConfigurationUserToDnMappingArgs]
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    authenticationEnabled Boolean
    Specifies whether user authentication with LDAP is enabled.
    bindPassword String
    The password used to authenticate the bind_username.
    bindUsername String
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    hostname String
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    projectId String
    The unique ID for the project to configure LDAP.
    authorizationEnabled Boolean
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    authzQueryTemplate String
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    caCertificate String
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    port Number
    The port to which the LDAP server listens for client connections. Default: 636
    userToDnMappings List<Property Map>
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the LdapConfiguration resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing LdapConfiguration Resource

    Get an existing LdapConfiguration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: LdapConfigurationState, opts?: CustomResourceOptions): LdapConfiguration
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            authentication_enabled: Optional[bool] = None,
            authorization_enabled: Optional[bool] = None,
            authz_query_template: Optional[str] = None,
            bind_password: Optional[str] = None,
            bind_username: Optional[str] = None,
            ca_certificate: Optional[str] = None,
            hostname: Optional[str] = None,
            port: Optional[int] = None,
            project_id: Optional[str] = None,
            user_to_dn_mappings: Optional[Sequence[LdapConfigurationUserToDnMappingArgs]] = None) -> LdapConfiguration
    func GetLdapConfiguration(ctx *Context, name string, id IDInput, state *LdapConfigurationState, opts ...ResourceOption) (*LdapConfiguration, error)
    public static LdapConfiguration Get(string name, Input<string> id, LdapConfigurationState? state, CustomResourceOptions? opts = null)
    public static LdapConfiguration get(String name, Output<String> id, LdapConfigurationState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AuthenticationEnabled bool
    Specifies whether user authentication with LDAP is enabled.
    AuthorizationEnabled bool
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    AuthzQueryTemplate string
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    BindPassword string
    The password used to authenticate the bind_username.
    BindUsername string
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    CaCertificate string
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    Hostname string
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    Port int
    The port to which the LDAP server listens for client connections. Default: 636
    ProjectId string
    The unique ID for the project to configure LDAP.
    UserToDnMappings List<LdapConfigurationUserToDnMapping>
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    AuthenticationEnabled bool
    Specifies whether user authentication with LDAP is enabled.
    AuthorizationEnabled bool
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    AuthzQueryTemplate string
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    BindPassword string
    The password used to authenticate the bind_username.
    BindUsername string
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    CaCertificate string
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    Hostname string
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    Port int
    The port to which the LDAP server listens for client connections. Default: 636
    ProjectId string
    The unique ID for the project to configure LDAP.
    UserToDnMappings []LdapConfigurationUserToDnMappingArgs
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    authenticationEnabled Boolean
    Specifies whether user authentication with LDAP is enabled.
    authorizationEnabled Boolean
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    authzQueryTemplate String
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    bindPassword String
    The password used to authenticate the bind_username.
    bindUsername String
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    caCertificate String
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    hostname String
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    port Integer
    The port to which the LDAP server listens for client connections. Default: 636
    projectId String
    The unique ID for the project to configure LDAP.
    userToDnMappings List<LdapConfigurationUserToDnMapping>
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    authenticationEnabled boolean
    Specifies whether user authentication with LDAP is enabled.
    authorizationEnabled boolean
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    authzQueryTemplate string
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    bindPassword string
    The password used to authenticate the bind_username.
    bindUsername string
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    caCertificate string
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    hostname string
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    port number
    The port to which the LDAP server listens for client connections. Default: 636
    projectId string
    The unique ID for the project to configure LDAP.
    userToDnMappings LdapConfigurationUserToDnMapping[]
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    authentication_enabled bool
    Specifies whether user authentication with LDAP is enabled.
    authorization_enabled bool
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    authz_query_template str
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    bind_password str
    The password used to authenticate the bind_username.
    bind_username str
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    ca_certificate str
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    hostname str
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    port int
    The port to which the LDAP server listens for client connections. Default: 636
    project_id str
    The unique ID for the project to configure LDAP.
    user_to_dn_mappings Sequence[LdapConfigurationUserToDnMappingArgs]
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    authenticationEnabled Boolean
    Specifies whether user authentication with LDAP is enabled.
    authorizationEnabled Boolean
    Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
    authzQueryTemplate String
    An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: {USER}?memberOf?base.
    bindPassword String
    The password used to authenticate the bind_username.
    bindUsername String
    The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com.
    caCertificate String
    CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
    hostname String
    The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
    port Number
    The port to which the LDAP server listens for client connections. Default: 636
    projectId String
    The unique ID for the project to configure LDAP.
    userToDnMappings List<Property Map>
    Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a match regular expression and either a substitution or ldap_query template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the match filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the MongoDB Atlas API Reference.

    • user_to_dn_mapping.0.match - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the substitution or ldap_query template.
    • user_to_dn_mapping.0.substitution - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the match regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.
    • user_to_dn_mapping.0.ldap_query - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the match regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the match regular expression.

    Supporting Types

    LdapConfigurationUserToDnMapping, LdapConfigurationUserToDnMappingArgs

    LdapQuery string
    Match string
    Substitution string
    LdapQuery string
    Match string
    Substitution string
    ldapQuery String
    match String
    substitution String
    ldapQuery string
    match string
    substitution string
    ldapQuery String
    match String
    substitution String

    Import

    LDAP Configuration must be imported using project ID, e.g.

    $ pulumi import mongodbatlas:index/ldapConfiguration:LdapConfiguration test 5d09d6a59ccf6445652a444a
    

    For more information see: MongoDB Atlas API Reference.

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    MongoDB Atlas pulumi/pulumi-mongodbatlas
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the mongodbatlas Terraform Provider.
    mongodbatlas logo
    MongoDB Atlas v3.16.0 published on Wednesday, Jun 12, 2024 by Pulumi