Docs Menu
Docs Home
/ /
MongoDB Atlas Kubernetes Operator

Configure Teams

On this page

  • Limitations
  • Prerequisites
  • Procedure
  • Create the team.
  • Grant the team access to a project.

Atlas Kubernetes Operator supports teams for controlling access to your Atlas projects.

You can create teams at the organization level and add teams to projects to grant project access roles to multiple users. Add any number of organization users to a team.

Grant a team roles for specific projects. All members of a team share the same project access. Organization users can belong to multiple teams. To add teams to a project or edit team roles, see Manage Access to a Project.

To manage teams with Atlas Kubernetes Operator, specify and update the following custom resources:

Custom Resource
AtlasTeam Custom Resource
Defines the team name and the users who belong to it.
Defines the team's access roles for this project. You must set the field to match the of the AtlasTeam Custom Resource to assign the team to this project.

Each time you change any of the supported custom resources, such as updating or removing a team, Atlas Kubernetes Operator creates or updates the corresponding Atlas configuration.

You must assign the team to a project by configuring both the AtlasTeam Custom Resource and the AtlasProject Custom Resource for the team to appear in the Atlas UI.

For other limitations that apply to teams, see Manage Organization Teams.

To enable teams for your Atlas Kubernetes Operator-managed cluster, you must:

  • Have a running Kubernetes cluster with Atlas Kubernetes Operator deployed.

  • Ensure your IP address is in the organization's API access list.

Follow these steps to enable teams for your Atlas Kubernetes Operator-managed projects:


Create an AtlasTeam Custom Resource for each team using the following example. Specify a so that you can reference this file from the AtlasProject Custom Resource and a so you can differentiate this team from other teams in your organization.

Add only users who are part of the organization.

To learn more about the parameters for a team, see the AtlasTeam Custom Resource.


cat <<EOF | kubectl apply -f -
kind: AtlasTeam
name: green-leaf-team
name: "greenLeafTeam"
- ""
- ""
- ""
- ""

To assign this team to a project, set the field in the AtlasProject Custom Resource to match the from the previous step.

In the spec.teams.teamRef.roles field, specify the team's Atlas User Roles for this project.

You can add more than one team. The following example shows two teams with different access roles for the same project.

To learn about the other parameters for a team, see AtlasProject Custom Resource.


cat <<EOF | kubectl apply -f -
kind: AtlasProject
name: my-project
name: Test project
- teamRef:
name: green-leaf-team
- teamRef:
name: no-leaf-team


Federated Authentication


Import Projects