Grants MongoDB employee cluster access for the given duration and at the specified level for one cluster. To use this resource, the requesting Service Account or API Key must have the Project Owner role or Project Support Access Manager role.
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern: ^([a-f0-9]{24})$.
Human-readable label that identifies this cluster.
Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9-]*$.
Flag that indicates whether Application wraps the response in an envelope JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.
Default value is false.
Flag that indicates whether the response body should be in the prettyprint format.
Default value is false.
Grant access level and expiration.
Expiration date for the employee access grant. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
Level of access to grant to MongoDB Employees.
Values are CLUSTER_DATABASE_LOGS, CLUSTER_INFRASTRUCTURE, or CLUSTER_INFRASTRUCTURE_AND_APP_SERVICES_SYNC_DATA.
atlas api clusters grantMongoEmployeeAccess --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20241113001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
// See https://dochub.mongodb.org/core/atlas-go-sdk-oauth
client, err := sdk.NewClient(sdk.UseOAuthAuth(clientID, clientSecret))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.GrantGroupClusterMongoDbEmployeeAccessApiParams{}
sdkResp, httpResp, err := client.ClustersApi.
GrantGroupClusterMongoDbEmployeeAccessWithParams(ctx, params).
Execute()
}
curl --include --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2024-11-13+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}:grantMongoDBEmployeeAccess" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest --include \
--header "Accept: application/vnd.atlas.2024-11-13+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}:grantMongoDBEmployeeAccess" \
-d '{ <Payload> }'{
"expirationTime": "2026-05-04T09:42:00Z",
"grantType": "CLUSTER_DATABASE_LOGS"
}{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}{
"error": 409,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot delete organization link while there is active migration in following project ids: 60c4fd418ebe251047c50554",
"reason": "Conflict",
"errorCode": "CANNOT_DELETE_ORG_ACTIVE_LIVE_MIGRATION_ATLAS_ORG_LINK"
}{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}