Returns, adds, edits, and removes database users.
To declare this entity in your AWS CloudFormation template, use the following syntax:
{
"Type" : "MongoDB::Atlas::DatabaseUser",
"Properties" : {
"DeleteAfterDate" : String,
"AWSIAMType" : String,
"DatabaseName" : String,
"Description" : String,
"Labels" : [ labelDefinition, ... ],
"LdapAuthType" : String,
"X509Type" : String,
"Password" : String,
"ProjectId" : String,
"Roles" : [ roleDefinition, ... ],
"Scopes" : [ scopeDefinition, ... ],
"Username" : String,
"Profile" : String
}
}
Type: MongoDB::Atlas::DatabaseUser
Properties:
DeleteAfterDate: String
AWSIAMType: String
DatabaseName: String
Description: String
Labels:
- labelDefinition
LdapAuthType: String
X509Type: String
Password: String
ProjectId: String
Roles:
- roleDefinition
Scopes:
- scopeDefinition
Username: String
Profile: String
Date and time when MongoDB Cloud deletes the user. This parameter expresses its value in the ISO 8601 timestamp format in UTC and can include the time zone designation. You must specify a future date that falls within one week of making the Application Programming Interface (API) request.
Required: No
Type: String
Update requires: No interruption
Human-readable label that indicates whether the new database user authenticates with the Amazon Web Services (AWS) Identity and Access Management (IAM) credentials associated with the user or the user's role. Default value is NONE.
Required: No
Type: String
Allowed Values: NONE | USER | ROLE
Update requires: No interruption
MongoDB database against which the MongoDB database user authenticates. MongoDB database users must provide both a username and authentication database to log into MongoDB. Default value is admin.
Required: Yes
Type: String
Update requires: No interruption
Description of this database user.
Required: No
Type: String
Update requires: No interruption
List that contains the key-value pairs for tagging and categorizing the MongoDB database user. The labels that you define do not appear in the console.
Required: No
Type: List of labelDefinition
Update requires: No interruption
Method by which the provided username is authenticated. Default value is NONE.
Required: No
Type: String
Allowed Values: NONE | USER | GROUP
Update requires: No interruption
Method that briefs who owns the certificate provided. Default value is NONE.
Required: No
Type: String
Allowed Values: NONE | MANAGED | CUSTOMER
Update requires: No interruption
The user’s password. This field is not included in the entity returned from the server.
Required: No
Type: String
Update requires: No interruption
Unique 24-hexadecimal digit string that identifies your Atlas Project.
Required: Yes
Type: String
Update requires: Replacement
List that provides the pairings of one role with one applicable database.
Required: Yes
Type: List of roleDefinition
Update requires: No interruption
List that contains clusters and MongoDB Atlas Data Federation that this database user can access. If omitted, MongoDB Cloud grants the database user access to all the clusters and MongoDB Atlas Data Federation in the project.
Required: No
Type: List of scopeDefinition
Update requires: No interruption
Human-readable label that represents the user that authenticates to MongoDB. The format of this label depends on the method of authentication. This will be USER_ARN or ROLE_ARN if AWSIAMType is USER or ROLE. Refer https://www.mongodb.com/docs/atlas/reference/api-resources-spec/#tag/Database-Users/operation/createDatabaseUser for details.
Required: Yes
Type: String
Update requires: No interruption
Profile used to provide credentials information, (a secret with the cfn/atlas/profile/{Profile}, is required), if not provided default is used
Required: No
Type: String
Update requires: Replacement
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
A unique identifier comprised of the Atlas Project ID and Username.