# Create One Cloud Provider Access Role **POST /api/atlas/v1.0/groups/{groupId}/cloudProviderAccess** Creates one access role for the specified cloud provider. Some MongoDB Cloud features use these cloud provider access roles for authentication. To use this resource, the requesting Service Account or API Key must have the Project Owner role. For the GCP provider, if the project folder is not yet provisioned, Atlas will now create the role asynchronously. An intermediate role with status `IN_PROGRESS` will be returned, and the final service account will be provisioned. Once the GCP project is set up, subsequent requests will create the service account synchronously. [Set Up Access to Cloud Providers](https://www.mongodb.com/ko-kr/docs/atlas/security/cloud-provider-access/) ## Servers - https://cloud.mongodb.com: https://cloud.mongodb.com () ## Authentication methods - Service accounts - Digest auth ## Parameters #### Path parameters - **groupId** (string) Unique 24-hexadecimal digit string that identifies your project. Use the [/groups](#tag/Projects/operation/listProjects) endpoint to retrieve all projects to which the authenticated user has access. **NOTE**: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups. #### Query parameters - **envelope** (boolean) Flag that indicates whether Application wraps the response in an `envelope` JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body. - **pretty** (boolean) Flag that indicates whether the response body should be in the prettyprint format. ## Body parameters Content-type: application/json Creates one role for the specified cloud provider. - **providerName** (string) Human-readable label that identifies the cloud provider of the role. ## Responses ### 200: OK #### Body Parameters: application/json (object) - **providerName** (string) Human-readable label that identifies the cloud provider of the role. - **atlasAWSAccountArn** (string) Amazon Resource Name that identifies the Amazon Web Services (AWS) user account that MongoDB Cloud uses when it assumes the Identity and Access Management (IAM) role. - **atlasAssumedRoleExternalId** (string(uuid)) Unique external ID that MongoDB Cloud uses when it assumes the IAM role in your Amazon Web Services (AWS) account. - **authorizedDate** (string(date-time)) Date and time when someone authorized this role for the specified cloud service provider. This parameter expresses its value in the ISO 8601 timestamp format in UTC. - **createdDate** (string(date-time)) Date and time when someone created this role for the specified cloud service provider. This parameter expresses its value in the ISO 8601 timestamp format in UTC. - **featureUsages** (array[object]) List that contains application features associated with this Amazon Web Services (AWS) Identity and Access Management (IAM) role. - **iamAssumedRoleArn** (string) Amazon Resource Name (ARN) that identifies the Amazon Web Services (AWS) Identity and Access Management (IAM) role that MongoDB Cloud assumes when it accesses resources in your AWS account. - **roleId** (string) Unique 24-hexadecimal digit string that identifies the role. ### 401: Unauthorized. #### Body Parameters: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. ### 403: Forbidden. #### Body Parameters: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. ### 404: Not Found. #### Body Parameters: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. ### 500: Internal Server Error. #### Body Parameters: application/json (object) - **badRequestDetail** (object) Bad request detail. - **detail** (string) Describes the specific conditions or reasons that cause each type of error. - **error** (integer(int32)) HTTP status code returned with this error. - **errorCode** (string) Application error code returned with this error. - **parameters** (array[object]) Parameters used to give more information about the error. - **reason** (string) Application error message returned with this error. [Powered by Bump.sh](https://bump.sh)