mongodbatlas.ServiceAccount

MongoDB Atlas v4.2.0, Jan 23 26

MongoDB Atlas v4.2.0 published on Friday, Jan 23, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-mongodbatlas

MongoDB Atlas v4.2.0 published on Friday, Jan 23, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-mongodbatlas

Example Usage

Create ServiceAccount Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ServiceAccount(name: string, args: ServiceAccountArgs, opts?: CustomResourceOptions);

@overload
def ServiceAccount(resource_name: str,
                   args: ServiceAccountArgs,
                   opts: Optional[ResourceOptions] = None)

@overload
def ServiceAccount(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   description: Optional[str] = None,
                   org_id: Optional[str] = None,
                   roles: Optional[Sequence[str]] = None,
                   name: Optional[str] = None,
                   secret_expires_after_hours: Optional[int] = None)

func NewServiceAccount(ctx *Context, name string, args ServiceAccountArgs, opts ...ResourceOption) (*ServiceAccount, error)

public ServiceAccount(string name, ServiceAccountArgs args, CustomResourceOptions? opts = null)

public ServiceAccount(String name, ServiceAccountArgs args)
public ServiceAccount(String name, ServiceAccountArgs args, CustomResourceOptions options)

type: mongodbatlas:ServiceAccount
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ServiceAccountArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ServiceAccountArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ServiceAccountArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ServiceAccountArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ServiceAccountArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var serviceAccountResource = new Mongodbatlas.ServiceAccount("serviceAccountResource", new()
{
    Description = "string",
    OrgId = "string",
    Roles = new[]
    {
        "string",
    },
    Name = "string",
    SecretExpiresAfterHours = 0,
});

example, err := mongodbatlas.NewServiceAccount(ctx, "serviceAccountResource", &mongodbatlas.ServiceAccountArgs{
	Description: pulumi.String("string"),
	OrgId:       pulumi.String("string"),
	Roles: pulumi.StringArray{
		pulumi.String("string"),
	},
	Name:                    pulumi.String("string"),
	SecretExpiresAfterHours: pulumi.Int(0),
})

var serviceAccountResource = new ServiceAccount("serviceAccountResource", ServiceAccountArgs.builder()
    .description("string")
    .orgId("string")
    .roles("string")
    .name("string")
    .secretExpiresAfterHours(0)
    .build());

service_account_resource = mongodbatlas.ServiceAccount("serviceAccountResource",
    description="string",
    org_id="string",
    roles=["string"],
    name="string",
    secret_expires_after_hours=0)

const serviceAccountResource = new mongodbatlas.ServiceAccount("serviceAccountResource", {
    description: "string",
    orgId: "string",
    roles: ["string"],
    name: "string",
    secretExpiresAfterHours: 0,
});

type: mongodbatlas:ServiceAccount
properties:
    description: string
    name: string
    orgId: string
    roles:
        - string
    secretExpiresAfterHours: 0

ServiceAccount Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ServiceAccount resource accepts the following input properties:

Description string: Human readable description for the Service Account.
OrgId string: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
Roles List<string>: A list of organization-level roles for the Service Account.
Name string: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
SecretExpiresAfterHours int: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.

Description string: Human readable description for the Service Account.
OrgId string: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
Roles []string: A list of organization-level roles for the Service Account.
Name string: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
SecretExpiresAfterHours int: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.

description String: Human readable description for the Service Account.
orgId String: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
roles List<String>: A list of organization-level roles for the Service Account.
name String: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
secretExpiresAfterHours Integer: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.

description string: Human readable description for the Service Account.
orgId string: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
roles string[]: A list of organization-level roles for the Service Account.
name string: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
secretExpiresAfterHours number: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.

description str: Human readable description for the Service Account.
org_id str: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
roles Sequence[str]: A list of organization-level roles for the Service Account.
name str: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
secret_expires_after_hours int: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.

description String: Human readable description for the Service Account.
orgId String: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
roles List<String>: A list of organization-level roles for the Service Account.
name String: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
secretExpiresAfterHours Number: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.

Outputs

All input properties are implicitly available as output properties. Additionally, the ServiceAccount resource produces the following output properties:

ClientId string: The Client ID of the Service Account.
CreatedAt string: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
Id string: The provider-assigned unique ID for this managed resource.
Secrets List<ServiceAccountSecret>: A list of secrets associated with the specified Service Account.

ClientId string: The Client ID of the Service Account.
CreatedAt string: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
Id string: The provider-assigned unique ID for this managed resource.
Secrets []ServiceAccountSecretType: A list of secrets associated with the specified Service Account.

clientId String: The Client ID of the Service Account.
createdAt String: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
id String: The provider-assigned unique ID for this managed resource.
secrets List<ServiceAccountSecret>: A list of secrets associated with the specified Service Account.

clientId string: The Client ID of the Service Account.
createdAt string: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
id string: The provider-assigned unique ID for this managed resource.
secrets ServiceAccountSecret[]: A list of secrets associated with the specified Service Account.

client_id str: The Client ID of the Service Account.
created_at str: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
id str: The provider-assigned unique ID for this managed resource.
secrets Sequence[ServiceAccountSecret]: A list of secrets associated with the specified Service Account.

clientId String: The Client ID of the Service Account.
createdAt String: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
id String: The provider-assigned unique ID for this managed resource.
secrets List<Property Map>: A list of secrets associated with the specified Service Account.

Look up Existing ServiceAccount Resource

Get an existing ServiceAccount resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ServiceAccountState, opts?: CustomResourceOptions): ServiceAccount

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        client_id: Optional[str] = None,
        created_at: Optional[str] = None,
        description: Optional[str] = None,
        name: Optional[str] = None,
        org_id: Optional[str] = None,
        roles: Optional[Sequence[str]] = None,
        secret_expires_after_hours: Optional[int] = None,
        secrets: Optional[Sequence[ServiceAccountSecretArgs]] = None) -> ServiceAccount

func GetServiceAccount(ctx *Context, name string, id IDInput, state *ServiceAccountState, opts ...ResourceOption) (*ServiceAccount, error)

public static ServiceAccount Get(string name, Input<string> id, ServiceAccountState? state, CustomResourceOptions? opts = null)

public static ServiceAccount get(String name, Output<String> id, ServiceAccountState state, CustomResourceOptions options)

resources:  _:    type: mongodbatlas:ServiceAccount    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ClientId string: The Client ID of the Service Account.
CreatedAt string: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
Description string: Human readable description for the Service Account.
Name string: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
OrgId string: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
Roles List<string>: A list of organization-level roles for the Service Account.
SecretExpiresAfterHours int: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.
Secrets List<ServiceAccountSecret>: A list of secrets associated with the specified Service Account.

ClientId string: The Client ID of the Service Account.
CreatedAt string: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
Description string: Human readable description for the Service Account.
Name string: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
OrgId string: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
Roles []string: A list of organization-level roles for the Service Account.
SecretExpiresAfterHours int: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.
Secrets []ServiceAccountSecretTypeArgs: A list of secrets associated with the specified Service Account.

clientId String: The Client ID of the Service Account.
createdAt String: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
description String: Human readable description for the Service Account.
name String: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
orgId String: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
roles List<String>: A list of organization-level roles for the Service Account.
secretExpiresAfterHours Integer: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.
secrets List<ServiceAccountSecret>: A list of secrets associated with the specified Service Account.

clientId string: The Client ID of the Service Account.
createdAt string: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
description string: Human readable description for the Service Account.
name string: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
orgId string: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
roles string[]: A list of organization-level roles for the Service Account.
secretExpiresAfterHours number: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.
secrets ServiceAccountSecret[]: A list of secrets associated with the specified Service Account.

client_id str: The Client ID of the Service Account.
created_at str: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
description str: Human readable description for the Service Account.
name str: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
org_id str: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
roles Sequence[str]: A list of organization-level roles for the Service Account.
secret_expires_after_hours int: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.
secrets Sequence[ServiceAccountSecretArgs]: A list of secrets associated with the specified Service Account.

clientId String: The Client ID of the Service Account.
createdAt String: The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
description String: Human readable description for the Service Account.
name String: Human-readable name for the Service Account. The name is modifiable and does not have to be unique.
orgId String: Unique 24-hexadecimal digit string that identifies the organization that contains your projects.
roles List<String>: A list of organization-level roles for the Service Account.
secretExpiresAfterHours Number: The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings. This attribute is required when creating the Service Account and you cannot update it later.
secrets List<Property Map>: A list of secrets associated with the specified Service Account.

Supporting Types

ServiceAccountSecret, ServiceAccountSecretArgs

CreatedAt string: The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
ExpiresAt string: The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
LastUsedAt string: The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
MaskedSecretValue string: The masked Service Account secret.
Secret string: The secret for the Service Account. It will be returned only the first time after creation.
SecretId string: Unique 24-hexadecimal digit string that identifies the secret.

CreatedAt string: The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
ExpiresAt string: The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
LastUsedAt string: The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
MaskedSecretValue string: The masked Service Account secret.
Secret string: The secret for the Service Account. It will be returned only the first time after creation.
SecretId string: Unique 24-hexadecimal digit string that identifies the secret.

createdAt String: The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
expiresAt String: The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
lastUsedAt String: The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
maskedSecretValue String: The masked Service Account secret.
secret String: The secret for the Service Account. It will be returned only the first time after creation.
secretId String: Unique 24-hexadecimal digit string that identifies the secret.

createdAt string: The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
expiresAt string: The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
lastUsedAt string: The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
maskedSecretValue string: The masked Service Account secret.
secret string: The secret for the Service Account. It will be returned only the first time after creation.
secretId string: Unique 24-hexadecimal digit string that identifies the secret.

created_at str: The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
expires_at str: The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
last_used_at str: The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
masked_secret_value str: The masked Service Account secret.
secret str: The secret for the Service Account. It will be returned only the first time after creation.
secret_id str: Unique 24-hexadecimal digit string that identifies the secret.

createdAt String: The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
expiresAt String: The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
lastUsedAt String: The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
maskedSecretValue String: The masked Service Account secret.
secret String: The secret for the Service Account. It will be returned only the first time after creation.
secretId String: Unique 24-hexadecimal digit string that identifies the secret.

Import

Import the Service Account resource by using the Organization ID and Client ID in the format ORG_ID/CLIENT_ID, e.g.

$ terraform import mongodbatlas_service_account.test 6117ac2fe2a3d04ed27a987v/mdb_sa_id_1234567890abcdef12345678

NOTE: secret_expires_after_hours is not populated during import and should be omitted in the resource definition when importing the resource.

For more information, see Create One Organization Service Account in the MongoDB Atlas API documentation.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: MongoDB Atlas pulumi/pulumi-mongodbatlas
License: Apache-2.0
Notes: This Pulumi package is based on the mongodbatlas Terraform Provider.

MongoDB Atlas v4.2.0 published on Friday, Jan 23, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-mongodbatlas

mongodbatlas.ServiceAccount

On this page

On this page

Example Usage

Create ServiceAccount Resource

Constructor syntax

Parameters

Constructor example

ServiceAccount Resource Properties

Inputs

Outputs

Look up Existing ServiceAccount Resource

Supporting Types

ServiceAccountSecret, ServiceAccountSecretArgs

Import

Package Details

On this page

On this page