t_systems_mms.mongodb_atlas.atlas_user (0.3.3) — module

Manage database users in Atlas

Authors: Martin Schurz (@schurzi)

preview | supported by community

Install collection

Install with ansible-galaxy collection install t_systems_mms.mongodb_atlas:==0.3.3


Add to requirements.yml

  collections:
    - name: t_systems_mms.mongodb_atlas
      version: 0.3.3

Description

The atlas_users module lets you create, modify and delete the database users in your cluster.

Each user has a set of roles that provide access to the project's databases.

A user's roles apply to all the clusters in the project

if two clusters have a products database and a user has a role granting read access on the products database,

the user has that access on both clusters.

L(API Documentation,https://docs.atlas.mongodb.com/reference/api/database-users/)

Usage examples

  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
    - name: test user
      atlas_user:
        apiUsername: "API_user"
        apiPassword: "API_passwort_or_token"
        groupId: "GROUP_ID"
        username: my_app_user
        password: SuperSecret!
        roles:
          - databaseName: private_info
            roleName: read
          - databaseName: public_info
            roleName: readWrite

Inputs

    
roles:
    description:
    - Array of this user's roles and the databases / collections on which the roles apply.
    - A role must include following elements
    elements: dict
    required: true
    suboptions:
      databaseName:
        description:
        - Database on which the user has the specified role.
        - A role on the admin database can include privileges that apply to the other
          databases.
        required: true
        type: str
      roleName:
        description:
        - Name of the role. This value can either be a built-in role or a custom role.
        required: true
        type: str
    type: list

state:
    choices:
    - present
    - absent
    default: present
    description:
    - State of the ressource.
    type: str

scopes:
    default: []
    description:
    - List of clusters and Atlas Data Lakes that this user can access.
    - Atlas grants database users access to all resources by default.
    elements: dict
    required: false
    suboptions:
      name:
        description:
        - Name of the cluster or Atlas Data Lake that the database user can access.
        required: true
        type: str
      type:
        choices:
        - CLUSTER
        - DATA_LAKE
        default: CLUSTER
        description:
        - Type of resource that the database user can access.
        type: str
    type: list

groupId:
    description:
    - Unique identifier for the Atlas project.
    required: true
    type: str

password:
    description:
    - User's password.
    required: true
    type: str

username:
    description:
    - Username for authenticating to MongoDB.
    required: true
    type: str

apiPassword:
    description:
    - The password for use in authentication with the Atlas API.
    - Can use API users and tokens (private key is password)
    required: true
    type: str

apiUsername:
    description:
    - The username for use in authentication with the Atlas API.
    - Can use API users and tokens (public key is username)
    required: true
    type: str

databaseName:
    choices:
    - admin
    - $external
    default: admin
    description:
    - Database against which Atlas authenticates the user.
    type: str