community.mongodb.mongodb_atlas_ldap_user (1.7.3) — module

Manage LDAP users in Atlas

Authors: Martin Schurz (@schurzi) / Derek Giri

Install collection

Install with ansible-galaxy collection install community.mongodb:==1.7.3


Add to requirements.yml

  collections:
    - name: community.mongodb
      version: 1.7.3

Description

The mongodb_atlas_ldap_user module lets you create LDAP groups on the admin database by mapping LDAP groups to MongoDB roles on your Atlas databases.

Each user or group has a set of roles that provide access to the project's databases.

API Documentation: https://docs.atlas.mongodb.com/security-ldaps/

Usage examples

    - name: LDAP Group or Username
      community.mongodb.mongodb_atlas_ldap_user:
        api_username: "API_user"
        api_password: "API_passwort_or_token"
        atlas_ldap_user: "USER DN or GROUP DN"
        group_id: "GROUP_ID"
        database_name: "admin"
        username: my_app_user
        roles:
          - database_name: private_info
            role_name: read
          - database_name: public_info
            role_name: readWrite
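
The following playbook is an added example, not taken from the module's own documentation. It uses only the inputs documented on this page to grant one LDAP group read-only access and remove another group's mapping with `state: absent`. The variables `vault_atlas_public_key`, `vault_atlas_private_key` and `atlas_project_id` are hypothetical, the DNs are constructed sample values, and passing the group DN in `username` is an assumption.

```yaml
# Added example: assumed variable names and constructed DNs, see lead-in.
- name: Manage LDAP group mappings in an Atlas project
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    # Constructed sample data: one mapping to keep, one to remove.
    ldap_group_mappings:
      - dn: "CN=db-readers,OU=Groups,DC=example,DC=com"
        state: present
        roles:
          - database_name: public_info
            role_name: read          # least privilege: read only
      - dn: "CN=former-contractors,OU=Groups,DC=example,DC=com"
        state: absent
        roles:                       # roles is a required input, even for removal
          - database_name: public_info
            role_name: read
  tasks:
    - name: Apply each LDAP group mapping
      community.mongodb.mongodb_atlas_ldap_user:
        # Hypothetical variables; keep the key pair in an Ansible Vault
        # file rather than as literals in the playbook.
        api_username: "{{ vault_atlas_public_key }}"
        api_password: "{{ vault_atlas_private_key }}"
        group_id: "{{ atlas_project_id }}"
        database_name: admin
        ldap_auth_type: GROUP
        username: "{{ item.dn }}"    # assumption: the group DN goes in username
        roles: "{{ item.roles }}"
        state: "{{ item.state }}"
      loop: "{{ ldap_group_mappings }}"
      no_log: true                   # keep the API key out of task output and logs
```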

Inputs

    
roles:
    description:
    - Array of this user's roles and the databases / collections on which the roles apply.
    - A role must include the following elements.
    elements: dict
    required: true
    suboptions:
      database_name:
        aliases:
        - databaseName
        description:
        - Database on which the user has the specified role.
        - A role on the admin database can include privileges that apply to the other
          databases.
        required: true
        type: str
      role_name:
        aliases:
        - roleName
        description:
        - Name of the role. This value can either be a built-in role or a custom role.
        required: true
        type: str
    type: list

state:
    choices:
    - present
    - absent
    default: present
    description:
    - State of the resource.
    type: str

group_id:
    aliases:
    - groupId
    description:
    - Unique identifier for the Atlas project.
    required: true
    type: str

username:
    description:
    - Username for authenticating to MongoDB.
    required: true
    type: str

api_password:
    aliases:
    - apiPassword
    description:
    - The password for use in authentication with the Atlas API.
    - Can use API users and tokens (private key is password)
    required: true
    type: str

api_username:
    aliases:
    - apiUsername
    description:
    - The username for use in authentication with the Atlas API.
    - Can use API users and tokens (public key is username)
    required: true
    type: str

database_name:
    aliases:
    - databaseName
    choices:
    - admin
    - $external
    default: admin
    description:
    - Database against which Atlas authenticates the user.
    type: str

ldap_auth_type:
    aliases:
    - ldapAuthType
    choices:
    - GROUP
    - USER
    default: GROUP
    description:
    - Type of LDAP authorization for the user, i.e. USER or GROUP.
    type: str