Docs Menu

AtlasProject Custom Resource

On this page

  • Example
  • Prometheus Example
  • Parameters

The AtlasProject custom resource configures the project in Atlas. When you create the AtlasProject custom resource, Atlas Kubernetes Operator tries to create a new project in Atlas.

Atlas Kubernetes Operator does one of the following actions:

  • Creates a new project in the organization that the connection secret configures.
  • Reuses an existing project. In this case, Atlas Kubernetes Operator verifies whether a project with spec.name exists. If the project exists, Atlas Kubernetes Operator skips creation. After the reconciliation, Atlas Kubernetes Operator updates the status.id field with the id of the project.

The AtasProject custom resouce has an optional spec.connectionSecretRef.name parameter. This parameter overrides the default global connection secret. To connect to the Atlas Administration API, Atlas Kubernetes Operator reads the organization ID and API keys from Atlas Kubernetes Operator secrets.

You can also edit the AtlasProject custom resource specification to configure the following options:

If you remove the AtlasProject resource from your Kubernetes cluster, Atlas Kubernetes Operator removes the project from Atlas. You must remove all the clusters in the project beforehand. Otherwise, Atlas rejects the delete request.

The following example shows an AtlasProject custom resource specification:

apiVersion: atlas.mongodb.com/v1
kind: AtlasProject
metadata:
name: my-project
spec:
name: Test project
connectionSecretRef:
name: my-atlas-key
projectIpAccessList:
- ipAddress: "192.0.2.15"
comment: "IP address for Application Server A"
- cidrBlock: "203.0.113.0/24"
comment: "CIDR block for Application Server B - D"
status:
conditions:
- lastTransitionTime: "2021-03-18T16:32:19Z"
status: "True"
type: Ready
- lastTransitionTime: "2021-03-18T16:32:19Z"
status: "True"
type: ProjectReady
- lastTransitionTime: "2021-03-18T16:32:19Z"
status: "True"
type: IPAccessListReady
id: 604a47de73cdsfh1977239021
observedGeneration: 1

The following example shows an AtlasProject custom resource specification that integrates with Prometheus:

apiVersion: atlas.mongodb.com/v1
kind: AtlasProject
metadata:
name: my-project
spec:
name: TestPrometheusIntegration
connectionSecretRef:
name: my-atlas-key
projectIpAccessList:
- ipAddress: "0.0.0.0/1"
comment: "Everyone has access. For test purposes only."
- ipAddress: "128.0.0.0/1"
comment: "Everyone has access. For test purposes only."
integrations:
- type: "PROMETHEUS"
enabled: "true"
username: "prometheus-user"
passwordRef:
name: "password-name"
namespace: "password-namespace"
scheme: "http"
serviceDiscovery: "http"

To learn more, see Integrate with Third-Party Services.

This section describes the AtlasProject custom resource parameters:

spec.name

Type: string

Required

Name of the project created or updated in Atlas. The name length must not exceed 64 characters. The name can contain only letters, numbers, spaces, dashes, and underscores.

spec.connectionSecretRef.name

Type: string

Optional

Name of the secret with the organization ID and API keys that Atlas Kubernetes Operator uses to connect to Atlas. If unspecified, Atlas Kubernetes Operator uses the default global secret.

spec.integrations

Type: array

Optional

List that contains your third-party integration settings. The parameters that you must specify depend on the third-party service that you want to configure:

Service
Settings
All
Datadog
Flowdock
Microsoft Teams
New Relic
Opsgenie
PagerDuty
Prometheus
Slack
VictorOps
Webhook Settings
spec.integrations.accountId

Type: string

Conditional

Unique string that identidies your New Relic account. If you want to integrate with New Relic, you must specify this setting.

spec.integrations.apiKeyRef.name

Type: string

Conditional

Human-readable label that identifies your API key for Datadog, Opsgenie, or VictorOps. If you want to integrate with Datadog, Opsgenie, or VictorOps, you must specify this setting.

spec.integrations.apiKeyRef.namespace

Type: string

Conditional

Namespace that contains your API key for Datadog, Opsgenie, or VictorOps. If you want to integrate with Datadog, Opsgenie, or VictorOps, you must specify this setting.

spec.integrations.apiTokenRef.name

Type: string

Conditional

Human-readable label that identifies your API token for Slack or Flowdock. If you want to integrate with Slack or Flowdock, you must specify this setting.

spec.integrations.apiTokenRef.namespace

Type: string

Conditional

Namespace that contains your API token or Slack or Flowdock. If you want to integrate with Slack or Flowdock, you must specify this setting.

spec.integrations.enabled

Type: boolean

Conditional

Flag that indicates whether your cluster has Prometheus enabled. If you want to integrate with Prometheus, you must specify this setting as true.

spec.integrations.flowName

Type: string

Conditional

Human-readable label that identifies your Flowdock flow. If you want to integrate with Flowdock, you must specify this setting.

spec.integrations.licenseKeyRef.name

Type: string

Conditional

Human-readable label that identifies your license key for New Relic. If you want to integrate with New Relic, you must specify this setting.

spec.integrations.licenseKeyRef.namespace

Type: string

Conditional

Namespace that contains your license key for New Relic. If you want to integrate with New Relic, you must specify this setting.

spec.integrations.microsoftTeamsWebhookURL

Type: string

Conditional

String that specifies your Microsoft Teams incoming webhook URL. If you want to integrate with Mircosoft Teams, you must specify this setting.

spec.integrations.orgName

Type: string

Conditional

Human-readable string that identifies your Flowdock organization. If you want to integrate with Flowdock, you must specify this setting.

spec.integrations.passwordRef.name

Type: string

Conditional

Human-readable label that identifies your Prometheus password. If you want to integrate with Prometheus, you must specify this setting.

spec.integrations.passwordRef.namespace

Type: string

Conditional

Namespace that contains your Prometheus password. If you want to integrate with Prometheus, you must specify this setting.

spec.integrations.readTokenRef.name

Type: string

Conditional

Human-readable label that identifies your Insights Query Key for New Relic. If you want to integrate with New Relic, you must specify this setting.

spec.integrations.readTokenRef.namespace

Type: string

Conditional

Namespace that contains your Insights Query Key for New Relic. If you want to integrate with New Relic, you must specify this setting.

spec.integrations.region

Type: string

Conditional

Default: US

String value that indicates the API URL to use for Datadog or Opsgenie. Values include US or EU. If you want to integrate with Datadog or Opsgenie, you must specify this setting.

spec.integrations.routingKeyRef.name

Type: string

Conditional

Human-readable label that identifies your routing key for VictorOps. If you want to integrate with VictorOps, you must specify this setting.

spec.integrations.routingKeyRef.namespace

Type: string

Conditional

Namespace that contains your routing key for VictorOps. If you want to integrate with VictorOps, you must specify this setting.

spec.integrations.secretRef.name

Type: string

Conditional

Human-readable label that identifies your Webhook secret. If you want to integrate with Webhook Settings, you must specify this setting.

spec.integrations.secretRef.namespace

Type: string

Conditional

Namespace that contains your Webhook secret. If you want to integrate with Webhook Settings, you must specify this setting.

spec.integrations.scheme

Type: string

Conditional

String that indicates the Prometheus protocol scheme configured for requests. Values include http or https. If you want to integrate with Prometheus, you must specify this setting.

spec.integrations.serviceDiscovery

Type: string

Conditional

Human-readable label that indicates the Prometheus service discovery method to use. Values include file or http. If you want to integrate with Prometheus, you must specify this setting.

spec.integrations.serviceKeyRef.name

Type: string

Conditional

Human-readable label that identifies your service key for PagerDuty. If you want to integrate with PagerDuty, you must specify this setting.

spec.integrations.serviceKeyRef.namespace

Type: string

Conditional

Namespace that contains your service key for PagerDuty. If you want to integrate with PagerDuty, you must specify this setting.

spec.integrations.type

Type: string

Conditional

String value that indicates the third-party service to integrate with Atlas. Values include:

  • DATADOG
  • FLOWDOCK
  • MICROSOFT_TEAMS
  • NEW_RELIC
  • OPS_GENIE
  • PAGER_DUTY
  • PROMETHEUS
  • SLACK
  • VICTOR_OPS
  • WEBHOOK

If you want to integrate with a third-party service, you must specify this setting.

spec.integrations.url

Type: string

Conditional

String that specifies your Webhook URL. If you want to integrate with Webhook Settings, you must specify this setting.

spec.integrations.username

Type: string

Conditional

Human-readable label that identifies the Prometheus user. If you want to integrate with Prometheus, you must specify this setting.

spec.integrations.writeTokenRef.name

Type: string

Conditional

Human-readable label that identifies your write token for New Relic. If you want to integrate with New Relic, you must specify this setting.

spec.integrations.writeTokenRef.namespace

Type: string

Conditional

Namespace that contains your write token for New Relic. If you want to integrate with New Relic, you must specify this setting.

spec.projectIpAccessList

Type: array

Required

IP access list that grants network access to Atlas clusters in the project. You can specify the following body parameters:

Parameter
Type
Necessity
Description
awsSecurityGroup
string
Conditional

Unique identifier of the AWS security group to add to the access list.

Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

Note

You must configure VPC peering for your project before you can add an AWS security group to an access list.

cidrBlock
string
Conditional

Range of IP addresses in CIDR notation to be added to the access list.

Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

comment
string
Optional
Comment associated with the access list entry.
deleteAfterDate
date
Optional

Timestamp in ISO 8601 date and time format in UTC after which Atlas removes the entry from the access list. The specified date must be in the future and within one week of the time you make the API request.

Important

You cannot set AWS security groups as temporary access list entries.

Note

You may include an ISO 8601 time zone designator to ensure that the expiration date occurs with respect to the local time in the specified time zone.

ipAddress
string
Conditional

Single IP address to be added to the access list. Mutually exclusive with awsSecurityGroup and cidrBlock.

Your access list entry can include only one awsSecurityGroup, one cidrBlock, or one ipAddress.

spec.privateEndpoints

Type: array

Optional

List that contains the private endpoint configurations for the project.

spec.X509CertRef.name

Type: string

Optional

Human-readable label that identifies the secret for the X.509 certificate.

←  Custom ResourcesAtlasDeployment Custom Resource →
Give Feedback
© 2022 MongoDB, Inc.

About

  • Careers
  • Investor Relations
  • Legal Notices
  • Privacy Notices
  • Security Information
  • Trust Center
© 2022 MongoDB, Inc.