You can use Atlas Kubernetes Operator to manage resources in an Atlas project
without using Atlas Kubernetes Operator to manage the project itself. In this
independent custom resource definition ("independent CRD") model, you
associate resources such as AtlasDeployment Custom Resource and
AtlasDatabaseUser Custom Resource with an Atlas project
directly by its Atlas ID.
Independent CRDs allow you to use different programmatic infrastructure management systems for your projects, while you use Atlas Kubernetes Operator to manage more frequently-altered resources such as database users or individual deployments.
By separating the management of the Atlas project from the management of subresources such as users and deployments, independent CRDs allow you to allocate these responsibilities to different personnel or different teams within your organization as suits your needs.
Considerations
When you use Atlas Kubernetes Operator to manage a project, you can either configure
Atlas Administration API authentication using the
spec.connectionSecretRef.name parameter of the atlasProject
resource, or leave this parameter unset to default to global Atlas
credentials. When using independent CRDs, you
can specify a spec.connectionSecret.name for each resource. This
parameter, if set, takes precedence over
spec.connectionSecretRef.name or global Atlas
credentials.
Setting this parameter is required for any resource whose parent resource is referenced using an Atlas project ID, and optional otherwise.
Example
You define an atlasDeployment CRD that references its parent
project by Atlas ID instead of an atlasProject
spec.name parameter.  You must define a
spec.connectSecret.name for the atlasDeployment
resource, as in the following:
apiVersion: atlas.mongodb.com/v1 kind: AtlasDeployment metadata:   name: test-cluster-name   namespace: mongodb-atlas-system spec:   externalProjectRef:     id: 671998971c8520583f24f411   connectionSecret:     name: my-atlas-key   deploymentSpec:     clusterType: REPLICASET     name: service-name     tags:     - key: "environment"       value: "production"     backupEnabled: true     replicationSpecs:       - zoneName: US-Zone         numShards: 3         regionConfigs:           - regionName: CENTRAL_US             providerName: GCP             backingProviderName: GCP             priority: 7             electableSpecs:               instanceSize: M10               nodeCount: 3 
Migration to Independent CRD
To migrate existing CRDs from atlasProject-level management to
independent management:
Disable project reconciliation and edit subresource references
- Add the - mongodb.com/atlas-reconciliation-policy: "skip"annotation to the parent resource's- metadata. This prevents Atlas Kubernetes Operator from attempting to reconcile the parent resource and its subresources. Consider the following:- apiVersion: atlas.mongodb.com/v1 - kind: AtlasProject - metadata: - name: my-project - annotations: - mongodb.com/atlas-reconciliation-policy: "skip" - spec: - name: Test project - connectionSecretRef: - name: my-atlas-key - projectIpAccessList: - - cidrBlock: "203.0.113.0/24" - comment: "CIDR block for Application Server B - D" - Warning- If you do not apply this annotation, Atlas Kubernetes Operator will continue to attempt reconciliation as you modify your other resources. For users with New Default: Deletion Protection in Atlas Kubernetes Operator 2.0 disabled, this can result in Atlas Kubernetes Operator removing the Atlas project when you remove the - atlasProjectresource, or entering a blocked state attempting to remove a project with active subresources such as database users or deployments.
- Modify the project reference to point to an Atlas project ID instead of an - atlasProjectname.- For example, to decouple an - atlasDatabaseUserresource:- apiVersion: atlas.mongodb.com/v1 - kind: AtlasDatabaseUser - metadata: - name: my-database-user - spec: - roles: - - roleName: readWriteAnyDatabase - databaseName: admin - externalProjectRef: - id: 671998971c8520583f24f411 - username: theuser - passwordSecretRef: - name: the-user-password 
(Conditional) Remove the reconciliation policy annotation
If you want to continue managing your project with Atlas Kubernetes Operator, as in
a scenario where you still have resources subordinate to your
atlasProject, reactivate reconciliation by removing the
reconciliation policy annotation from the atlasProject CRD.