mongodb · rakhul-mongo · Jan 29, 2026 · Dec 18, 2025 · Jan 21, 2026 · Jan 21, 2026
@@ -20,6 +20,7 @@ jobs:
      cluster-outage-simulation: ${{ steps.filter.outputs.cluster-outage-simulation }}
      federated-database-instance: ${{ steps.filter.outputs.federated-database-instance }}
      federated-query-limit: ${{ steps.filter.outputs.federated-query-limit }}
+     federated-settings-identity-provider: ${{ steps.filter.outputs.federated-settings-identity-provider }}
      flex-cluster: ${{ steps.filter.outputs.flex-cluster }}
      online-archive: ${{ steps.filter.outputs.online-archive }}
      organization: ${{ steps.filter.outputs.organization }}
@@ -59,6 +60,8 @@ jobs:
           - 'cfn-resources/federated-database-instance/**'
         federated-query-limit:
           - 'cfn-resources/federated-query-limit/**'
+        federated-settings-identity-provider:
+          - 'cfn-resources/federated-settings-identity-provider/**'
         flex-cluster:
           - 'cfn-resources/flex-cluster/**'
         online-archive:
@@ -451,7 +454,50 @@ jobs:
 
           cat inputs/inputs_1_create.json
           cat inputs/inputs_1_update.json
-
+
+          make run-contract-testing
+          make delete-test-resources
+
+  federated-settings-identity-provider:
+    needs: change-detection
+    if: ${{ needs.change-detection.outputs.federated-settings-identity-provider == 'true' }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5
+        with:
+          go-version-file: 'cfn-resources/go.mod'
+      - name: setup Atlas CLI
+        uses: mongodb/atlas-github-action@e3c9e0204659bafbb3b65e1eb1ee745cca0e9f3b
+      - uses: aws-actions/setup-sam@c2a20b1822cc4a6bc594ff7f1dbb658758e383c3
+        with:
+          use-installer: true
+      - uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_TEST_ENV }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_TEST_ENV }}
+          aws-region: eu-west-1
+      - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548
+        with:
+          python-version: '3.9'
+          cache: 'pip' # caching pip dependencies
+      - run: pip install cloudformation-cli cloudformation-cli-go-plugin
+      - name: Run the Contract test
+        shell: bash
+        env:
+          MONGODB_ATLAS_PUBLIC_API_KEY: ${{ secrets.CLOUD_DEV_PUBLIC_KEY }}
+          MONGODB_ATLAS_PRIVATE_API_KEY: ${{ secrets.CLOUD_DEV_PRIVATE_KEY }}
+          MONGODB_ATLAS_ORG_ID: ${{ secrets.CLOUD_DEV_ORG_ID }}
+          MONGODB_ATLAS_OPS_MANAGER_URL: ${{ vars.MONGODB_ATLAS_BASE_URL }}
+          MONGODB_ATLAS_PROFILE: cfn-cloud-dev-github-action
+          MONGODB_ATLAS_FEDERATION_SETTINGS_ID: ${{ vars.MONGODB_ATLAS_FEDERATION_SETTINGS_ID }}
+        run: |
+          cd cfn-resources/federated-settings-identity-provider
+          make create-test-resources
+
+          cat inputs/inputs_1_create.json
+          cat inputs/inputs_1_update.json
+
           make run-contract-testing
           make delete-test-resources
 

@@ -0,0 +1,12 @@
+{
+  "typeName": "MongoDB::Atlas::FederatedSettingsIdentityProvider",
+  "language": "go",
+  "runtime": "provided.al2",
+  "entrypoint": "bootstrap",
+  "testEntrypoint": "bootstrap",
+  "settings": {
+    "import_path": "github.com/mongodb/mongodbatlas-cloudformation-resources/federated-settings-identity-provider",
+    "protocolVersion": "2.0.0",
+    "pluginVersion": "2.0.4"
+  }
+}
@@ -0,0 +1,37 @@
+.PHONY: build test clean
+tags=logging callback metrics scheduler
+cgo=0
+goos=linux
+goarch=amd64
+CFNREP_GIT_SHA?=$(shell git rev-parse HEAD)
+ldXflags=-s -w -X github.com/mongodb/mongodbatlas-cloudformation-resources/util.defaultLogLevel=info -X github.com/mongodb/mongodbatlas-cloudformation-resources/version.Version=${CFNREP_GIT_SHA}
+ldXflagsD=-X github.com/mongodb/mongodbatlas-cloudformation-resources/util.defaultLogLevel=debug -X github.com/mongodb/mongodbatlas-cloudformation-resources/version.Version=${CFNREP_GIT_SHA}
+
+build:
+	cfn generate
+	env GOOS=$(goos) CGO_ENABLED=$(cgo) GOARCH=$(goarch) go build -ldflags="$(ldXflags)" -tags="$(tags)" -o bin/bootstrap cmd/main.go
+
+debug:
+	cfn generate
+	env GOOS=$(goos) CGO_ENABLED=$(cgo) GOARCH=$(goarch) go build -ldflags="$(ldXflagsD)" -tags="$(tags)" -o bin/debug cmd/main.go
+
+clean:
+	rm -rf bin
+
+submit: clean build # submit to private registry must use release build not debug build
+	@echo "==> Submitting to private registry for testing"
+	 cfn submit --set-default --region us-east-1
+
+create-test-resources:
+	@echo "==> Creating test files and resources for contract testing"
+	./test/contract-testing/cfn-test-create.sh
+
+delete-test-resources:
+	@echo "==> Delete test resources used for contract testing"
+	./test/contract-testing/cfn-test-delete.sh
+
+run-contract-testing:
+	@echo "==> Run contract testing"
+	make build
+	sam local start-lambda &
+	cfn test --function-name TestEntrypoint --verbose
@@ -0,0 +1,31 @@
+# MongoDB::Atlas::FederatedSettingsIdentityProvider
+
+## Description
+
+The federated settings identity provider resource provides access to your Atlas
+federated authentication identity providers (SAML and OIDC). It lets you
+create, edit, and delete identity providers within an Atlas federation.
+
+## Requirements
+
+To securely give CloudFormation access to your Atlas credentials, you must
+set up an [AWS Profile](/README.md#mongodb-atlas-api-keys-credential-management).
+
+## Attributes and Parameters
+
+See the [resource docs](docs/README.md).
+
+## Cloudformation Examples
+
+Examples for this resource will be added in `/examples/`.
+
+## Contract Testing
+
+Contract testing requires a valid Federation Settings ID
+export MONGODB_ATLAS_FEDERATION_SETTINGS_ID="your-federation-settings-id"
+
+# Run contract tests
+
+make create-test-resources
+cfn test -- -k contract_create_delete
+make delete-test-resources