/ /

自定义资源

Docs 主页

管理

Atlas Kubernetes Operator

自定义资源

Docs 主页

管理

Atlas Kubernetes Operator

自定义资源

`AtlasProject` 自定义资源

AtlasProject自定义资源在 Atlas 中配置项目。当您创建AtlasProject资源时，Atlas Kubernetes Operator 会尝试在 Atlas 中创建新项目。

重要

自定义资源不再默认删除对象

Atlas Kubernetes Operator使用自定义资源配置文件来管理Atlas配置，但从Atlas Kubernetes Operator2.0 开始，您在Kubernetes中删除的自定义资源不再（默认）在Atlas中删除。相反， Atlas Kubernetes Operator只是停止管理Atlas中的这些资源。示例，如果您在Kubernetes中删除自定义资源，则默认， Atlas KubernetesAtlasProject Operator不再自动从Atlas中删除相应的项目。这种行为更改旨在帮助防止意外删除。要学习；了解详情，包括如何将此行为恢复为Atlas Kubernetes Operator2 0之前使用的默认行为，请参阅新的默认值： Atlas Kubernetes Operator2 中的删除保护。0 。
同样，如果您使用Atlas Kubernetes Operator从Kubernetes中的Atlas项目中删除团队，则Atlas Kubernetes Operator不会从Atlas中删除团队。

显式定义所需的配置详细信息，以避免隐式使用默认Atlas配置值。在某些情况下，继承Atlas默认值可能会导致协调循环，从而阻止自定义资源实现 READY 状态。示例，在 AtlasDeployment 自定义资源中显式定义所需的自动伸缩行为（如所包含的示例所示）可确保自定义资源中的静态实例大小不会重复应用于已启用自动伸缩的Atlas部署。

autoScaling:
  diskGB:
    enabled: true
  compute:
    enabled: true
    scaleDownEnabled: true
    minInstanceSize: M30
    maxInstanceSize: M40

Atlas Kubernetes Operator 执行以下操作之一：

在连接密钥配置的组织中创建一个新项目。
重复使用现有项目。在这种情况下，Atlas Kubernetes Operator 会验证是否存在具有spec.name的项目。如果项目存在，Atlas Kubernetes Operator 会跳过创建过程。协调后，Atlas Kubernetes Operator 使用项目的 ID 更新status.id字段。

You can use the spec.connectionSecretRef.name parameter to set the connection secret for the AtlasProject custom resource. This parameter overrides the default global connection secret.

By default, Atlas Kubernetes Operator keeps connection secrets in the same namespace as the AtlasProject Custom Resource. To store secrets in another namespace, specify the spec.connectionSecretRef.namespace parameter.

要连接APIAtlas ， Atlas Kubernetes Operator会从Atlas Kubernetes Operator密钥中读取组织ID和API密钥。

您还可以编辑AtlasProject自定义资源规范来配置以下选项：

An IP access list with the spec.projectIpAccessList parameter. This IP access list grants network access to Atlas clusters in the project.
Teams with the spec.teams parameter. A team lets you grant an access role to an entire group of Atlas users for a particular project.
The maintenance window with the spec.maintenanceWindow parameter. The maintenance window sets the hour and day that Atlas starts weekly maintenance on your database deployments.

Network peering with the spec.networkPeers parameter. Network peering allows you to connect securely to your AWS, Azure, or Google Cloud VPC.
Encryption at rest using customer-managed keys with the spec.encryptionAtRest parameter. Encryption at rest using customer-managed keys allows you to add an additional layer of security by using your cloud provider's KMS together with the MongoDB encrypted storage engine.
Private endpoints with the spec.privateEndpoints parameter.
X.509 authentication with the spec.x509CertRef.name parameter.
Project settings with the spec.settings parameter, including settings to enable and disable the following:
- 收集集群指标中的数据库统计信息
- 质谱图解析器(Data Explorer)
- 性能顾问
- 实时性能面板
- 模式顾问
- Project alerts configurations with the spec.alertConfigurationSyncEnabled and spec.alertConfigurations parameters.
  有关这些设置如何交互的信息，请参阅注意事项。

如果您从 Kubernetes 集群中删除AtlasProject资源，Atlas Kubernetes Operator 将从 Atlas 中删除该项目。您必须事先删除项目中的所有集群。否则，Atlas 会拒绝删除请求。

例子

以下示例显示了AtlasProject自定义资源规范：

apiVersion: atlas.mongodb.com/v1
kind: AtlasProject
metadata:
 name: my-project
spec:
 name: Test project
 connectionSecretRef:
   name: my-atlas-key
 projectIpAccessList:
   - cidrBlock: "203.0.113.0/24"
     comment: "CIDR block for Application Server B - D"

Prometheus 示例

以下示例显示了与 Prometheus 集成的AtlasProject自定义资源规范：

apiVersion: atlas.mongodb.com/v1
kind: AtlasProject
metadata:
  name: my-project
spec:
  name: TestPrometheusIntegration
  connectionSecretRef:
    name: my-atlas-key
  projectIpAccessList:
    - cidrBlock: "0.0.0.0/1"
      comment: "Everyone has access. For test purposes only."
    - cidrBlock: "128.0.0.0/1"
      comment: "Everyone has access. For test purposes only."
  integrations:
    - type: "PROMETHEUS"
      enabled: "true"
      username: "prometheus-user"
      passwordRef:
        name: "password-name"
        namespace: "password-namespace"
      scheme: "http"
      serviceDiscovery: "http"

要了解更多信息，请参阅与第三方服务集成。

注意

Atlas Kubernetes Operator提供了一个示例Grafana仪表盘，您可以将其导入 Grafana 中。

团队示例

以下示例显示了一个AtlasProject自定义资源规范，该规范为green-leaf-team赋予了此项目的Organization Owner角色。团队成员在AtlasTeam 自定义资源中定义。

apiVersion: atlas.mongodb.com/v1
kind: AtlasProject
metadata:
  name: my-project
spec:
  name: Test project
  teams:
    - teamRef:
        name: green-leaf-team
      roles:
      - ORGANIZATION_OWNER

要了解详情，请参阅配置团队。

维护窗口示例

以下示例显示了一个AtlasProject自定义资源规范，该规范将维护窗口设置为每周二上午 5:00，并禁用自动延迟：

apiVersion: atlas.mongodb.com/v1
kind: AtlasProject
metadata:
 name: my-project
spec:
 name: Test project
 projectIpAccessList:
   - ipAddress: "192.0.2.15"
     comment: "IP address for Application Server A"
maintenanceWindow:
 dayOfWeek: 3
 hourOfDay: 5
 autoDefer: false

项目设置示例

以下示例显示了 AtlasProject 自定义资源规范，该规范禁用集群指标、数据浏览器、 Performance Advisor 、实时性能面板和模式优化顾问中的数据库统计信息集合。

apiVersion: atlas.mongodb.com/v1
kind: AtlasProject
metadata:
 name: my-project
spec:
 name: Test project
 projectIpAccessList:
   - ipAddress: "192.0.2.15"
     comment: "IP address for Application Server A"
 settings:
   isCollectDatabaseSpecificsStatisticsEnabled: false
   isDataExplorerEnabled: false
   isExtendedStorageSizesEnabled: false
   isPerformanceAdvisorEnabled: false
   isRealtimePerformancePanelEnabled: false
   isSchemaAdvisorEnabled: false

警报配置示例

以下示例显示了一个AtlasProject自定义资源规范，该规范配置了一个警报，该警报在 oplog 窗口达到少于一小时时触发：

apiVersion: atlas.mongodb.com/v1
kind: AtlasProject
metadata:
  name: my-project
spec:
  name: Test Atlas Operator Project
  connectionSecretRef:
    name: my-atlas-key
  alertConfigurations:
    - eventTypeName: "REPLICATION_OPLOG_WINDOW_RUNNING_OUT",
      enabled: true,
      notifications:
      -  delayMin: 0
         emailEnabled: true
         intervalMin: 60
         roles: [ "GROUP_OWNER" ]
         smsEnabled: false
         typeName: "GROUP"
      threshold:
         operator: "LESS_THAN",
         threshold: "1",
         units: "HOURS"
  alertConfigurationSyncEnabled: true
  withDefaultAlertsSettings: false

第三方警报配置示例

以下示例显示了一个AtlasProject自定义资源规范，该规范配置了通过 Slack 发送通知的警报：

apiVersion: atlas.mongodb.com/v1
kind: AtlasProject
metadata:
  name: my-project
spec:
  name: Test Atlas Operator Project
  connectionSecretRef:
    name: my-atlas-key
  alertConfigurations:
    - eventTypeName: "REPLICATION_OPLOG_WINDOW_RUNNING_OUT"
      enabled: true
      notifications:
      -  delayMin: 0
         emailEnabled: true
         intervalMin: 60
         roles: [ "GROUP_OWNER" ]
         smsEnabled: false
         - typeName: "SLACK"
           apiTokenRef:
             name: key-name
             namespace: key-namespace
      threshold:
         operator: "LESS_THAN"
         threshold: "1"
         units: "HOURS"
  alertConfigurationSyncEnabled: true
  withDefaultAlertsSettings: false

参数

Atlas 项目

AtlasProject is the Schema for the atlasprojects API

`Name`	类型	说明	必需
`apiVersion`	字符串	atlas.mongodb.com/v1	true
`kind`	字符串	`AtlasProject`	true
`metadata`	对象	Refer to the Kubernetes `API` documentation for the fields of the `metadata` field.	true
`spec`	对象	`AtlasProjectSpec` defines the target state of Project in Atlas	false
`status`	对象	`AtlasProjectStatus` defines the observed state of `AtlasProject`	false

AtlasProject.spec

AtlasProjectSpec defines the target state of Project in Atlas

`Name`	类型	说明	必需
`name`	字符串	Name is the `name` of the Project that is created in Atlas by the Operator if it doesn't exist yet. The `name` length must not exceed 64 characters. The `name` must contain only letters, numbers, spaces, dashes, and underscores. Validations: self == `oldSelf`: Name cannot be modified after project creation	true
`alertConfigurationSyncEnabled`	布尔	`AlertConfigurationSyncEnabled` is a flag that enables/disables Alert Configurations sync for the current Project. If true - project alert configurations will be synced according to `AlertConfigurations`. If not - alert configurations will not be modified by the operator. They can be managed through the `API`, `CLI`, and `UI`.	false
`alertConfigurations`	[]object	`AlertConfiguration` is a list of Alert Configurations configured for the current Project. If you use this setting, you must also set spec.``alertConfigurationSyncEnabled`` to true for Atlas Kubernetes Operator to modify project alert configurations. If you omit or leave this setting empty, Atlas Kubernetes Operator doesn't alter the project's alert configurations. If creating a project, Atlas applies the default project alert configurations.	false
`auditing`	对象	Auditing represents `MongoDB` Maintenance Windows.	false
`backupCompliancePolicyRef`	对象	`BackupCompliancePolicyRef` is a reference to the backup compliance custom resource.	false
`cloudProviderAccessRoles`	[]object	`CloudProviderAccessRoles` is a list of Cloud Provider Access Roles configured for the current Project. Deprecated: This configuration was deprecated in favor of `CloudProviderIntegrations`	false
`cloudProviderIntegrations`	[]object	`CloudProviderIntegrations` is a list of Cloud Provider Integration configured for the current Project.	false
`connectionSecretRef`	对象	`ConnectionSecret` is the name of the Kubernetes Secret which contains the information about the way to connect to Atlas (organization `ID`, `API` keys). The default Operator connection configuration will be used if not provided.	false
`customRoles`	[]object	`CustomRoles` lets you create and change custom roles in your cluster. Use custom roles to specify custom sets of actions that the Atlas built-in roles can't describe. Deprecated: Migrate to the `AtlasCustomRoles` custom resource in accordance with the migration guide at https://www.mongodb.com/zh-cn/docs/atlas/operator/current/migrate-parameter-to-resource/#std-label-ak8so-migrate-ptr	false
`encryptionAtRest`	对象	`EncryptionAtRest` allows to set encryption for `AWS`, Azure and `GCP` providers.	false
`integrations`	[]object	Integrations is a list of `MongoDB` Atlas `integrations` for the project. Deprecated: Migrate to the `AtlasThirdPartyIntegration` custom resource in accordance with the migration guide at https://www.mongodb.com/zh-cn/docs/atlas/operator/current/migrate-parameter-to-resource/#std-label-ak8so-migrate-ptr	false
`maintenanceWindow`	对象	`MaintenanceWindow` allows to specify a preferred time in the week to run maintenance operations. See more information at https://www.mongodb.com/zh-cn/docs/atlas/reference/api/maintenance-windows/	false
`networkPeers`	[]object	`NetworkPeers` is a list of Network Peers configured for the current Project. Deprecated: Migrate to the `AtlasNetworkPeering` and `AtlasNetworkContainer` custom resources in accordance with the migration guide at https://www.mongodb.com/zh-cn/docs/atlas/operator/current/migrate-parameter-to-resource/#std-label-ak8so-migrate-ptr	false
`privateEndpoints`	[]object	`PrivateEndpoints` is a list of Private Endpoints configured for the current Project. Deprecated: Migrate to the `AtlasPrivateEndpoint` Custom Resource in accordance with the migration guide at https://www.mongodb.com/zh-cn/docs/atlas/operator/current/migrate-parameter-to-resource/#std-label-ak8so-migrate-ptr	false
`projectIpAccessList`	[]object	`ProjectIPAccessList` allows the use of the `IP` Access List for a Project. See more information at https://mongodb.com/zh-cn/docs/atlas/reference/api/ip-access-list/add-entries-to-access-list/ Deprecated: Migrate to the `AtlasIPAccessList` Custom Resource in accordance with the migration guide at https://www.mongodb.com/zh-cn/docs/atlas/operator/current/migrate-parameter-to-resource/#std-label-ak8so-migrate-ptr	false
`regionUsageRestrictions`	枚举	`RegionUsageRestrictions` designate the project's `AWS` region when using Atlas for Government. This parameter should not be used with commercial Atlas. In Atlas for Government, not setting this field (defaulting to `NONE`) means the project is restricted to `COMMERCIAL_FEDRAMP_REGIONS_ONLY`. Enum: `NONE`, `GOV_REGIONS_ONLY`, `COMMERCIAL_FEDRAMP_REGIONS_ONLY` Default: `NONE`	false
`settings`	对象	Settings allows the configuration of the Project Settings.	false
`teams`	[]object	Teams enable you to grant project access roles to multiple users.	false
`withDefaultAlertsSettings`	布尔	Flag that indicates whether Atlas Kubernetes Operator creates a project with the default alert configurations. If you use this setting, you must also set spec.``alertConfigurationSyncEnabled`` to true for Atlas Kubernetes Operator to modify project alert configurations. If you set this parameter to false when you create a project, Atlas doesn't add the default alert configurations to your project. This setting has no effect on existing projects. Default: true	false
`x509CertRef`	对象	X509CertRef is a reference to the Kubernetes Secret which contains `PEM`-encoded `CA` certificate. Atlas Kubernetes Operator watches secrets only with the label atlas.mongodb.com/type=credentials to avoid watching unnecessary secrets.	false

AtlasProject.spec.alertConfigurations

`Name`	类型	说明	必需
`enabled`	布尔	如果省略，则禁用配置。	false
`eventTypeName`	字符串	The type of event that will trigger an alert.	false
`matchers`	[]object	仅当`EventTypeName`指定主机、副本集或分片集群的事件时，才能使用`matchers`数组进行筛选。	false
`metricThreshold`	对象	`MetricThreshold` causes an alert to be triggered.	false
`notifications`	[]object	Notifications are sending when an alert condition is detected.	false
`severityOverride`	枚举	`SeverityOverride` optionally overrides the default severity level for an alert. Enum: `INFO`, `WARNING`, `ERROR`, `CRITICAL`	false
`threshold`	对象	Threshold causes an alert to be triggered.	false

AtlasProject.spec.alertConfigurations.matchers

`Name`	类型	说明	必需
`fieldName`	字符串	目标对象中要匹配的字段的名称。	false
`operator`	字符串	The `operator` to test the field’s value.	false
`value`	字符串	要使用指定操作符进行测试的值。	false

AtlasProject.spec.alertConfigurations.metricThreshold

MetricThreshold causes an alert to be triggered.

`Name`	类型	说明	必需
`threshold`	字符串	Threshold value outside which an alert will be triggered.	true
`metricName`	字符串	Name of the metric to check.	false
`mode`	字符串	This must be set to `AVERAGE`. Atlas computes the current metric value as an average.	false
`operator`	字符串	根据阈值检查当前指标值时要应用的操作符。	false
`units`	字符串	The `units` for the threshold value.	false

AtlasProject.spec.alertConfigurations.notifications

`Name`	类型	说明	必需
`apiTokenRef`	对象	Secret containing a Slack `API` token or Bot token. Populated for the `SLACK` notifications type. If the token later becomes invalid, Atlas sends an email to the project owner and eventually removes the token.	false
`channelName`	字符串	Slack channel name. Populated for the `SLACK` notifications type.	false
`datadogAPIKeyRef`	对象	Secret containing a Datadog `API` Key. Found in the Datadog dashboard. Populated for the `DATADOG` notifications type.	false
`datadogRegion`	字符串	Region that indicates which `API` `URL` to use.	false
`delayMin`	整型	检测到警报条件后发送第一个通知之前的等待分钟数。	false
`emailAddress`	字符串	Email address to which alert notifications are sent. Populated for the `EMAIL` notifications type.	false
`emailEnabled`	布尔	Flag indicating if email notifications should be sent. Populated for `ORG`, `GROUP`, and `USER` notifications types.	false
`flowName`	字符串	Flowdock 流名称（以小写字母表示）。	false
`flowdockApiTokenRef`	对象	The Flowdock personal `API` token. Populated for the `FLOWDOCK` notifications type. If the token later becomes invalid, Atlas sends an email to the project owner and eventually removes the token.	false
`intervalMin`	整型	未解决的未确认警报的连续通知之间等待的分钟数。	false
`mobileNumber`	字符串	Mobile number to which alert notifications are sent. Populated for the `SMS` notifications type.	false
`opsGenieApiKeyRef`	对象	`OpsGenie` `API` Key. Populated for the `OPS_GENIE` notifications type. If the key later becomes invalid, Atlas sends an email to the project owner and eventually removes the token.	false
`opsGenieRegion`	字符串	Region that indicates which `API` `URL` to use.	false
`orgName`	字符串	Flowdock organization name in lower-case letters. This is the name that appears after www.flowdock.com/app/ in the `URL` string. Populated for the `FLOWDOCK` notifications type.	false
`roles`	[]string	The following `roles` grant privileges within a project.	false
`serviceKeyRef`	对象	`PagerDuty` service key. Populated for the `PAGER_DUTY` notifications type. If the key later becomes invalid, Atlas sends an email to the project owner and eventually removes the key.	false
`smsEnabled`	布尔	Flag indicating if text message notifications should be sent. Populated for `ORG`, `GROUP`, and `USER` notifications types.	false
`teamId`	字符串	团队的唯一标识符。	false
`teamName`	字符串	接收此通知的团队的标签。	false
`typeName`	字符串	警报通知类型。	false
`username`	字符串	Name of the Atlas user to which to send notifications. Only a user in the project that owns the alert configuration is allowed here. Populated for the `USER` notifications type.	false
`victorOpsSecretRef`	对象	Secret containing a `VictorOps` `API` key and Routing key. Populated for the `VICTOR_OPS` notifications type. If the key later becomes invalid, Atlas sends an email to the project owner and eventually removes the key.	false

AtlasProject.spec.alertConfigurations.notifications.apiTokenRef

Secret containing a Slack API token or Bot token. Populated for the SLACK notifications type. If the token later becomes invalid, Atlas sends an email to the project owner and eventually removes the token.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.alertConfigurations.notifications.datadogAPIKeyRef

Secret containing a Datadog API Key. Found in the Datadog dashboard. Populated for the DATADOG notifications type.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.alertConfigurations.notifications.flowdockApiTokenRef

The Flowdock personal API token. Populated for the FLOWDOCK notifications type. If the token later becomes invalid, Atlas sends an email to the project owner and eventually removes the token.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.alertConfigurations.notifications.opsGenieApiKeyRef

OpsGenie API Key. Populated for the OPS_GENIE notifications type. If the key later becomes invalid, Atlas sends an email to the project owner and eventually removes the token.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.alertConfigurations.notifications.serviceKeyRef

PagerDuty service key. Populated for the PAGER_DUTY notifications type. If the key later becomes invalid, Atlas sends an email to the project owner and eventually removes the key.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.alertConfigurations.notifications.victorOpsSecretRef

Secret containing a VictorOps API key and Routing key. Populated for the VICTOR_OPS notifications type. If the key later becomes invalid, Atlas sends an email to the project owner and eventually removes the key.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.alertConfigurations.threshold

Threshold causes an alert to be triggered.

`Name`	类型	说明	必需
`operator`	字符串	Operator to apply when checking the current metric value against the threshold value. It accepts the following values: `GREATER_THAN`, `LESS_THAN`.	false
`threshold`	字符串	Threshold value outside which an alert will be triggered.	false
`units`	字符串	The `units` for the threshold value.	false

AtlasProject.spec.auditing

Auditing represents MongoDB Maintenance Windows.

`Name`	类型	说明	必需
`auditAuthorizationSuccess`	布尔	Indicates whether the auditing system captures successful authentication attempts for audit filters using the "atype" : "`authCheck`" auditing event. For more information, see `auditAuthorizationSuccess`.	false
`auditFilter`	字符串	`JSON`-formatted audit filter used by the project.	false
`enabled`	布尔	Denotes whether the project associated with the {`GROUP`-`ID`} has database auditing enabled.	false

AtlasProject.spec.backupCompliancePolicyRef

BackupCompliancePolicyRef is a reference to the backup compliance custom resource.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.cloudProviderAccessRoles

CloudProviderAccessRole define an integration to a cloud provider DEPRECATED: This type is deprecated in favor of CloudProviderIntegration

`Name`	类型	说明	必需
`providerName`	字符串	`ProviderName` is the name of the cloud provider. Currently only `AWS` is supported.	true
`iamAssumedRoleArn`	字符串	`IamAssumedRoleArn` is the `ARN` of the `IAM` role that is assumed by the Atlas cluster.	false

AtlasProject.spec.cloudProviderIntegrations

CloudProviderIntegration define an integration to a cloud provider

`Name`	类型	说明	必需
`providerName`	字符串	`ProviderName` is the name of the cloud provider. Currently only `AWS` is supported.	true
`iamAssumedRoleArn`	字符串	`IamAssumedRoleArn` is the `ARN` of the `IAM` role that is assumed by the Atlas cluster.	false

AtlasProject.spec.connectionSecretRef

ConnectionSecret is the name of the Kubernetes Secret which contains the information about the way to connect to Atlas (organization ID, API keys). The default Operator connection configuration will be used if not provided.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.customRoles

CustomRole lets you create and change a custom role in your cluster. Use custom roles to specify custom sets of actions that the Atlas built-in roles can't describe. Deprecated: Migrate to the AtlasCustomRoles custom resource in accordance with the migration guide at https://www.mongodb.com/zh-cn/docs/atlas/operator/current/migrate-parameter-to-resource/#std-label-ak8so-migrate-ptr

`Name`	类型	说明	必需
`name`	字符串	Human-readable label that identifies the role. This `name` must be unique for this custom role in this project.	true
`actions`	[]object	List of the individual privilege `actions` that the role grants.	false
`inheritedRoles`	[]object	该自定义角色继承的内置角色列表。	false

AtlasProject.spec.customRoles.actions

`Name`	类型	说明	必需
`name`	字符串	用于标识特权操作的可读标签。	true
`resources`	[]object	List of `resources` on which you grant the action.	true

AtlasProject.spec.customRoles.actions.resources

`Name`	类型	说明	必需
`cluster`	布尔	Flag that indicates whether to grant the action on the `cluster` resource. If true, `MongoDB` Cloud ignores Database and Collection parameters.	false
`collection`	字符串	Human-readable label that identifies the `collection` on which you grant the action to one `MongoDB` user.	false
`database`	字符串	Human-readable label that identifies the `database` on which you grant the action to one `MongoDB` user.	false

AtlasProject.spec.customRoles.inheritedRoles

`Name`	类型	说明	必需
`database`	字符串	Human-readable label that identifies the `database` on which someone grants the action to one `MongoDB` user.	true
`name`	字符串	Human-readable label that identifies the role inherited.	true

AtlasProject.spec.encryptionAtRest

EncryptionAtRest allows to set encryption for AWS, Azure and GCP providers.

`Name`	类型	说明	必需
`awsKms`	对象	`AwsKms` specifies `AWS` `KMS` configuration details and whether Encryption at Rest is enabled for an Atlas project.	false
`azureKeyVault`	对象	`AzureKeyVault` specifies Azure Key Vault configuration details and whether Encryption at Rest is enabled for an Atlas project.	false
`googleCloudKms`	对象	`GoogleCloudKms` specifies `GCP` `KMS` configuration details and whether Encryption at Rest is enabled for an Atlas project.	false

AtlasProject.spec.encryptionAtRest.awsKms

AwsKms specifies AWS KMS configuration details and whether Encryption at Rest is enabled for an Atlas project.

`Name`	类型	说明	必需
`enabled`	布尔	Specifies whether Encryption at Rest is `enabled` for an Atlas project. To disable Encryption at Rest, pass only this parameter with a value of false. When you disable Encryption at Rest, Atlas also removes the configuration details.	false
`region`	字符串	The `AWS` `region` in which the `AWS` customer master key exists.	false
`secretRef`	对象	A reference to as Secret containing the `AccessKeyID`, `SecretAccessKey`, `CustomerMasterKeyID` and `RoleID` fields	false
`valid`	布尔	Specifies whether the encryption key set for the provider is `valid` and may be used to encrypt and decrypt data.	false

AtlasProject.spec.encryptionAtRest.awsKms.secretRef

A reference to as Secret containing the AccessKeyID, SecretAccessKey, CustomerMasterKeyID and RoleID fields

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.encryptionAtRest.azureKeyVault

AzureKeyVault specifies Azure Key Vault configuration details and whether Encryption at Rest is enabled for an Atlas project.

`Name`	类型	说明	必需
`azureEnvironment`	字符串	The Azure environment where the Azure account credentials reside. Valid values are the following: `AZURE`, `AZURE_CHINA`, `AZURE_GERMANY`	false
`clientID`	字符串	The Client `ID`, also known as the application `ID`, for an Azure application associated with the Azure `AD` tenant.	false
`enabled`	布尔	Specifies whether Encryption at Rest is `enabled` for an Atlas project. To disable Encryption at Rest, pass only this parameter with a value of false. When you disable Encryption at Rest, Atlas also removes the configuration details.	false
`resourceGroupName`	字符串	The name of the Azure Resource group that contains an Azure Key Vault.	false
`secretRef`	对象	A reference to as Secret containing the `SubscriptionID`, `KeyVaultName`, `KeyIdentifier`, Secret fields	false
`tenantID`	字符串	The unique identifier for an Azure `AD` tenant within an Azure subscription.	false

AtlasProject.spec.encryptionAtRest.azureKeyVault.secretRef

A reference to as Secret containing the SubscriptionID, KeyVaultName, KeyIdentifier, Secret fields

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.encryptionAtRest.googleCloudKms

GoogleCloudKms specifies GCP KMS configuration details and whether Encryption at Rest is enabled for an Atlas project.

`Name`	类型	说明	必需
`enabled`	布尔	Specifies whether Encryption at Rest is `enabled` for an Atlas project. To disable Encryption at Rest, pass only this parameter with a value of false. When you disable Encryption at Rest, Atlas also removes the configuration details.	false
`secretRef`	对象	A reference to as Secret containing the `ServiceAccountKey`, `KeyVersionResourceID` fields	false

AtlasProject.spec.encryptionAtRest.googleCloudKms.secretRef

A reference to as Secret containing the ServiceAccountKey, KeyVersionResourceID fields

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.integrations

Integration for the project between Atlas and a third party service. Deprecated: Migrate to the AtlasThirdPartyIntegration custom resource in accordance with the migration guide at https://www.mongodb.com/zh-cn/docs/atlas/operator/current/migrate-parameter-to-resource/#std-label-ak8so-migrate-ptr

`Name`	类型	说明	必需
`accountId`	字符串	唯一的 40-十六进制数字字符串，用于标识您的 New Relic 帐户。	false
`apiKeyRef`	对象	Reference to a Kubernetes Secret containing your `API` Key for Datadog, `OpsGenie` or Victor Ops.	false
`apiTokenRef`	对象	Reference to a Kubernetes Secret containing the Key that allows Atlas to access your Slack account.	false
`channelName`	字符串	Name of the Slack channel to which Atlas sends alert notifications.	false
`enabled`	布尔	指示某人是否已激活 Prometheus 集成的标志。	false
`flowName`	字符串	`DEPRECATED`: Flowdock flow name. This field has been removed from Atlas, and has no effect.	false
`licenseKeyRef`	对象	Reference to a Kubernetes Secret containing your Unique 40-hexadecimal digit string that identifies your New Relic license.	false
`microsoftTeamsWebhookUrl`	字符串	Endpoint web address of the Microsoft Teams webhook to which Atlas sends notifications.	false
`name`	字符串		false
`orgName`	字符串	`DEPRECATED`: Flowdock organization name. This field has been removed from Atlas, and has no effect.	false
`passwordRef`	对象	Reference to a Kubernetes Secret containing the password to allow Atlas to access your Prometheus account.	false
`readTokenRef`	对象	Reference to a Kubernetes Secret containing the query key associated with your New Relic account.	false
`region`	字符串	Region code indicating which regional `API` Atlas uses to access `PagerDuty`, Datadog, or `OpsGenie`.	false
`routingKeyRef`	对象	Reference to a Kubernetes Secret containing the Routing key associated with your Splunk On-Call account. Used for Victor Ops.	false
`scheme`	字符串		false
`secretRef`	对象	Reference to a Kubernetes Secret containing the secret for your Webhook.	false
`serviceDiscovery`	字符串	发现 Prometheus 服务的所需方法。	false
`serviceKeyRef`	对象	Reference to a Kubernetes Secret containing the service key associated with your `PagerDuty` account.	false
`teamName`	字符串	Human-readable label that identifies your Slack team.	false
`type`	枚举	Third Party Integration `type` such as Slack, New Relic, etc. Each integration `type` requires a distinct set of configuration fields. For example, if you set `type` to `DATADOG`, you must configure only datadog subfields. Enum: `PAGER_DUTY`, `SLACK`, `DATADOG`, `NEW_RELIC`, `OPS_GENIE`, `VICTOR_OPS`, `FLOWDOCK`, `WEBHOOK`, `MICROSOFT_TEAMS`, `PROMETHEUS`	false
`url`	字符串	Endpoint web address to which Atlas sends notifications. Used for Webhooks.	false
`username`	字符串	人类可读标签，用于标识 Prometheus 传入的 Webhook。	false
`writeTokenRef`	对象	Reference to a Kubernetes Secret containing the insert key associated with your New Relic account.	false

AtlasProject.spec.integrations.apiKeyRef

Reference to a Kubernetes Secret containing your API Key for Datadog, OpsGenie or Victor Ops.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.integrations.apiTokenRef

Reference to a Kubernetes Secret containing the Key that allows Atlas to access your Slack account.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.integrations.licenseKeyRef

Reference to a Kubernetes Secret containing your Unique 40-hexadecimal digit string that identifies your New Relic license.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.integrations.passwordRef

Reference to a Kubernetes Secret containing the password to allow Atlas to access your Prometheus account.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.integrations.readTokenRef

Reference to a Kubernetes Secret containing the query key associated with your New Relic account.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.integrations.routingKeyRef

Reference to a Kubernetes Secret containing the Routing key associated with your Splunk On-Call account. Used for Victor Ops.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.integrations.secretRef

Reference to a Kubernetes Secret containing the secret for your Webhook.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.integrations.serviceKeyRef

Reference to a Kubernetes Secret containing the service key associated with your PagerDuty account.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.integrations.writeTokenRef

Reference to a Kubernetes Secret containing the insert key associated with your New Relic account.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.maintenanceWindow

MaintenanceWindow allows to specify a preferred time in the week to run maintenance operations. See more information at https://www.mongodb.com/zh-cn/docs/atlas/reference/api/maintenance-windows/

`Name`	类型	说明	必需
`autoDefer`	布尔	Flag indicating whether any scheduled project maintenance should be deferred automatically for one week.	false
`dayOfWeek`	整型	Day of the week when you would like the maintenance window to start as a 1-based integer. Sunday 1, Monday 2, Tuesday 3, Wednesday 4, Thursday 5, Friday 6, Saturday 7. Minimum: 1 Maximum: 7	false
`defer`	布尔	Flag indicating whether the next scheduled project maintenance should be deferred for one week. Cannot be specified if `startASAP` is true	false
`hourOfDay`	整型	Hour of the day when you would like the maintenance window to start. This parameter uses the 24-hour clock, where midnight is 0, noon is 12. Minimum: 0 Maximum: 23	false
`startASAP`	布尔	Flag indicating whether project maintenance has been directed to start immediately. Cannot be specified if defer is true	false

AtlasProject.spec.networkPeers

NetworkPeer configured for the current Project. Deprecated: Migrate to the AtlasNetworkPeering and AtlasNetworkContainer custom resources in accordance with the migration guide at https://www.mongodb.com/zh-cn/docs/atlas/operator/current/migrate-parameter-to-resource/#std-label-ak8so-migrate-ptr

`Name`	类型	说明	必需
`accepterRegionName`	字符串	`AccepterRegionName` is the provider region name of user's `VPC`.	false
`atlasCidrBlock`	字符串	Atlas `CIDR`. It needs to be set if `ContainerID` is not set.	false
`awsAccountId`	字符串	`AccountID` of the user's `VPC`.	false
`azureDirectoryId`	字符串	`AzureDirectoryID` is the unique identifier for an Azure `AD` directory.	false
`azureSubscriptionId`	字符串	`AzureSubscriptionID` is the unique identifier of the Azure subscription in which the VNet resides.	false
`containerId`	字符串	`ID` of the network peer container. If not set, operator will create a new container with `ContainerRegion` and `AtlasCIDRBlock` input.	false
`containerRegion`	字符串	`ContainerRegion` is the provider region name of Atlas network peer container. If not set, `AccepterRegionName` is used.	false
`gcpProjectId`	字符串	User `GCP` Project `ID`. Its applicable only for `GCP`.	false
`networkName`	字符串	`GCP` Network Peer Name. Its applicable only for `GCP`.	false
`providerName`	字符串	`ProviderName` is the name of the provider. If not set, it will be set to "`AWS`".	false
`resourceGroupName`	字符串	`ResourceGroupName` is the name of your Azure resource group.	false
`routeTableCidrBlock`	字符串	User `VPC` `CIDR`.	false
`vnetName`	字符串	VNetName is name of your Azure VNet. Its applicable only for Azure.	false
`vpcId`	字符串	`AWS` `VPC` `ID`.	false

AtlasProject.spec.privateEndpoints

PrivateEndpoint is a list of Private Endpoints configured for the current Project. Deprecated: Migrate to the AtlasPrivateEndpoint Custom Resource in accordance with the migration guide at https://www.mongodb.com/zh-cn/docs/atlas/operator/current/migrate-parameter-to-resource/#std-label-ak8so-migrate-ptr

`Name`	类型	说明	必需
`provider`	枚举	Cloud `provider` for which you want to retrieve a private endpoint service. Atlas accepts `AWS`, `GCP`, or `AZURE`. Enum: `AWS`, `GCP`, `AZURE`, `TENANT`	true
`region`	字符串	Cloud provider `region` for which you want to create the private endpoint service.	true
`endpointGroupName`	字符串	Unique identifier of the endpoint group. The endpoint group encompasses all the endpoints that you created in Google Cloud.	false
`endpoints`	[]object	Collection of individual private `endpoints` that comprise your endpoint group.	false
`gcpProjectId`	字符串	Unique identifier of the Google Cloud project in which you created your endpoints.	false
`id`	字符串	Unique identifier of the private endpoint you created in your `AWS` `VPC` or Azure VNet.	false
`ip`	字符串	Private `IP` address of the private endpoint network interface you created in your Azure VNet.	false

AtlasProject.spec.privateEndpoints.endpoints

`Name`	类型	说明	必需
`endpointName`	字符串	Forwarding rule that corresponds to the endpoint you created in Google Cloud.	false
`ipAddress`	字符串	Private `IP` address of the endpoint you created in Google Cloud.	false

AtlasProject.spec.projectIpAccessList

IPAccessList allows the use of the IP Access List for a Project. See more information at https://mongodb.com/zh-cn/docs/atlas/reference/api/ip-access-list/add-entries-to-access-list/ Deprecated: Migrate to the AtlasIPAccessList Custom Resource in accordance with the migration guide at https://www.mongodb.com/zh-cn/docs/atlas/operator/current/migrate-parameter-to-resource/#std-label-ak8so-migrate-ptr

`Name`	类型	说明	必需
`awsSecurityGroup`	字符串	Unique identifier of `AWS` security group in this access list entry.	false
`cidrBlock`	字符串	Range of `IP` addresses in `CIDR` notation in this access list entry.	false
`comment`	字符串	与此访问权限列表条目关联的注释。	false
`deleteAfterDate`	字符串	Timestamp in `ISO` 8601 date and time format in `UTC` after which Atlas deletes the temporary access list entry.	false
`ipAddress`	字符串	Entry using an `IP` address in this access list entry.	false

AtlasProject.spec.settings

Settings allows the configuration of the Project Settings.

`Name`	类型	说明	必需
`isCollectDatabaseSpecificsStatisticsEnabled`	布尔	指示是否为指定项目收集特定于数据库的指标的标志。	false
`isDataExplorerEnabled`	布尔	该标志指示是否为指定项目启用数据浏览器。	false
`isExtendedStorageSizesEnabled`	布尔	指示是否为指定项目启用扩展存储大小的标志。	false
`isPerformanceAdvisorEnabled`	布尔	指示是否为指定项目启用性能优化顾问和分析器的标志。	false
`isRealtimePerformancePanelEnabled`	布尔	指示是否为指定项目启用“实时性能面板”的标志。	false
`isSchemaAdvisorEnabled`	布尔	指示是否为指定项目启用模式顾问程序的标志。	false

AtlasProject.spec.teams

`Name`	类型	说明	必需
`roles`	[]enum	Roles the users in the team has within the project. Enum: `GROUP_OWNER`, `GROUP_CLUSTER_MANAGER`, `GROUP_DATA_ACCESS_ADMIN`, `GROUP_DATA_ACCESS_READ_WRITE`, `GROUP_DATA_ACCESS_READ_ONLY`, `GROUP_READ_ONLY`	true
`teamRef`	对象	Reference to the `AtlasTeam` custom resource which will be assigned to the project.	true

AtlasProject.spec.teams.teamRef

Reference to the AtlasTeam custom resource which will be assigned to the project.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.spec.x509CertRef

X509CertRef is a reference to the Kubernetes Secret which contains PEM-encoded CA certificate. Atlas Kubernetes Operator watches secrets only with the label atlas.mongodb.com/type=credentials to avoid watching unnecessary secrets.

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

AtlasProject.status

AtlasProjectStatus defines the observed state of AtlasProject

`Name`	类型	说明	必需
`conditions`	[]object	Conditions is the list of statuses showing the current state of the Atlas Custom Resource	true
`alertConfigurations`	[]object	`AlertConfigurations` contains a list of alert configuration statuses	false
`authModes`	[]string	`AuthModes` contains a list of configured authentication modes "`SCRAM`" is default authentication method and requires a password for each user "`X509`" signifies that self-managed X.509 authentication is configured	false
`cloudProviderIntegrations`	[]object	`CloudProviderIntegrations` contains a list of configured cloud provider access roles. `AWS` support only	false
`customRoles`	[]object	`CustomRoles` contains a list of custom roles statuses	false
`expiredIpAccessList`	[]object	The list of `IP` Access List entries that are expired due to '`deleteAfterDate`' being less than the current date. Note, that this field is updated by the Atlas Operator only after specification changes	false
`id`	字符串	The `ID` of the Atlas Project	false
`networkPeers`	[]object	The list of network peers that are configured for current project	false
`observedGeneration`	整型	`ObservedGeneration` indicates the generation of the resource specification of which the Atlas Operator is aware. The Atlas Operator updates this field to the value of 'metadata.generation' as soon as it starts reconciliation of the resource. Format: int64	false
`privateEndpoints`	[]object	The list of private endpoints configured for current project	false
`prometheus`	对象	Prometheus contains the status for Prometheus integration including the `prometheusDiscoveryURL`	false
`teams`	[]object	Teams contains a list of `teams` assignment statuses	false

AtlasProject.status.conditions

Condition describes the state of an Atlas Custom Resource at a certain point.

`Name`	类型	说明	必需
`status`	字符串	Status of the condition; one of True, False, Unknown.	true
`type`	字符串	Type of Atlas Custom Resource condition.	true
`lastTransitionTime`	字符串	Last time the condition transitioned from one status to another. Represented in `ISO` 8601 format. Format: date-time	false
`message`	字符串	A `message` providing details about the transition.	false
`reason`	字符串	The `reason` for the condition's last transition.	false

AtlasProject.status.alertConfigurations

`Name`	类型	说明	必需
`acknowledgedUntil`	字符串	The date through which the alert has been acknowledged. Will not be present if the alert has never been acknowledged.	false
`acknowledgementComment`	字符串	The comment left by the user who acknowledged the alert. Will not be present if the alert has never been acknowledged.	false
`acknowledgingUsername`	字符串	The username of the user who acknowledged the alert. Will not be present if the alert has never been acknowledged.	false
`alertConfigId`	字符串	`ID` of the alert configuration that triggered this alert.	false
`clusterId`	字符串	The `ID` of the cluster to which this alert applies. Only present for alerts of type `BACKUP`, `REPLICA_SET`, and `CLUSTER`.	false
`clusterName`	字符串	The name the cluster to which this alert applies. Only present for alerts of type `BACKUP`, `REPLICA_SET`, and `CLUSTER`.	false
`created`	字符串	Timestamp in `ISO` 8601 date and time format in `UTC` when this alert configuration was created.	false
`currentValue`	对象	`CurrentValue` represents current value of the metric that triggered the alert. Only present for alerts of type `HOST_METRIC`.	false
`enabled`	布尔	如果省略，则禁用配置。	false
`errorMessage`	字符串	`ErrorMessage` is massage if the alert configuration is in an incorrect state.	false
`eventTypeName`	字符串	The type of event that will trigger an alert.	false
`groupId`	字符串	拥有此警报配置的项目的唯一标识符。	false
`hostId`	字符串	`ID` of the host to which the metric pertains. Only present for alerts of type `HOST`, `HOST_METRIC`, and `REPLICA_SET`.	false
`hostnameAndPort`	字符串	The hostname and port of each host to which the alert applies. Only present for alerts of type `HOST`, `HOST_METRIC`, and `REPLICA_SET`.	false
`id`	字符串	唯一标识符。	false
`lastNotified`	字符串	上次为此警报发送通知的时间。仅在已发送通知时显示。	false
`matchers`	[]object	仅当`EventTypeName`指定主机、副本集或分片集群的事件时，才能使用`matchers`数组进行筛选。	false
`metricName`	字符串	The name of the measurement whose value went outside the threshold. Only present if `eventTypeName` is set to `OUTSIDE_METRIC_THRESHOLD`.	false
`metricThreshold`	对象	`MetricThreshold` causes an alert to be triggered.	false
`notifications`	[]object	Notifications are sending when an alert condition is detected.	false
`replicaSetName`	字符串	Name of the replica set. Only present for alerts of type `HOST`, `HOST_METRIC`, `BACKUP`, and `REPLICA_SET`.	false
`resolved`	字符串	When the alert was closed. Only present if the status is `CLOSED`.	false
`severityOverride`	字符串	Severity of the alert.	false
`sourceTypeName`	字符串	For alerts of the type `BACKUP`, the type of server being backed up.	false
`status`	字符串	The current state of the alert. Possible values are: `TRACKING`, `OPEN`, `CLOSED`, `CANCELED`	false
`threshold`	对象	Threshold causes an alert to be triggered.	false
`updated`	字符串	Timestamp in `ISO` 8601 date and time format in `UTC` when this alert configuration was last updated.	false

AtlasProject.status.alertConfigurations.currentValue

CurrentValue represents current value of the metric that triggered the alert. Only present for alerts of type HOST_METRIC.

`Name`	类型	说明	必需
`number`	字符串	The value of the metric.	false
`units`	字符串	The `units` for the value. Depends on the type of metric.	false

AtlasProject.status.alertConfigurations.matchers

`Name`	类型	说明	必需
`fieldName`	字符串	目标对象中要匹配的字段的名称。	false
`operator`	字符串	The `operator` to test the field’s value.	false
`value`	字符串	要使用指定操作符进行测试的值。	false

AtlasProject.status.alertConfigurations.metricThreshold

MetricThreshold causes an alert to be triggered.

`Name`	类型	说明	必需
`threshold`	字符串	Threshold value outside which an alert will be triggered.	true
`metricName`	字符串	Name of the metric to check.	false
`mode`	字符串	This must be set to `AVERAGE`. Atlas computes the current metric value as an average.	false
`operator`	字符串	根据阈值检查当前指标值时要应用的操作符。	false
`units`	字符串	The `units` for the threshold value.	false

AtlasProject.status.alertConfigurations.notifications

`Name`	类型	说明	必需
`apiToken`	字符串	Slack `API` token or Bot token. Populated for the `SLACK` notifications type. If the token later becomes invalid, Atlas sends an email to the project owner and eventually removes the token.	false
`channelName`	字符串	Slack channel name. Populated for the `SLACK` notifications type.	false
`datadogApiKey`	字符串	Datadog `API` Key. Found in the Datadog dashboard. Populated for the `DATADOG` notifications type.	false
`datadogRegion`	字符串	Region that indicates which `API` `URL` to use	false
`delayMin`	整型	检测到警报条件后发送第一个通知之前的等待分钟数。	false
`emailAddress`	字符串	Email address to which alert notifications are sent. Populated for the `EMAIL` notifications type.	false
`emailEnabled`	布尔	Flag indicating if email notifications should be sent. Populated for `ORG`, `GROUP`, and `USER` notifications types.	false
`flowName`	字符串	Flowdock flow namse in lower-case letters.	false
`flowdockApiToken`	字符串	The Flowdock personal `API` token. Populated for the `FLOWDOCK` notifications type. If the token later becomes invalid, Atlas sends an email to the project owner and eventually removes the token.	false
`intervalMin`	整型	未解决的未确认警报的连续通知之间等待的分钟数。	false
`mobileNumber`	字符串	Mobile number to which alert notifications are sent. Populated for the `SMS` notifications type.	false
`opsGenieApiKey`	字符串	Opsgenie `API` Key. Populated for the `OPS_GENIE` notifications type. If the key later becomes invalid, Atlas sends an email to the project owner and eventually removes the token.	false
`opsGenieRegion`	字符串	Region that indicates which `API` `URL` to use.	false
`orgName`	字符串	Flowdock organization name in lower-case letters. This is the name that appears after www.flowdock.com/app/ in the `URL` string. Populated for the `FLOWDOCK` notifications type.	false
`roles`	[]string	The following `roles` grant privileges within a project.	false
`serviceKey`	字符串	`PagerDuty` service key. Populated for the `PAGER_DUTY` notifications type. If the key later becomes invalid, Atlas sends an email to the project owner and eventually removes the key.	false
`smsEnabled`	布尔	Flag indicating if text message notifications should be sent. Populated for `ORG`, `GROUP`, and `USER` notifications types.	false
`teamId`	字符串	团队的唯一标识符。	false
`teamName`	字符串	接收此通知的团队的标签。	false
`typeName`	字符串	警报通知类型。	false
`username`	字符串	Name of the Atlas user to which to send notifications. Only a user in the project that owns the alert configuration is allowed here. Populated for the `USER` notifications type.	false
`victorOpsApiKey`	字符串	`VictorOps` `API` key. Populated for the `VICTOR_OPS` notifications type. If the key later becomes invalid, Atlas sends an email to the project owner and eventually removes the key.	false
`victorOpsRoutingKey`	字符串	`VictorOps` routing key. Populated for the `VICTOR_OPS` notifications type. If the key later becomes invalid, Atlas sends an email to the project owner and eventually removes the key.	false

AtlasProject.status.alertConfigurations.threshold

Threshold causes an alert to be triggered.

`Name`	类型	说明	必需
`operator`	字符串	Operator to apply when checking the current metric value against the threshold value. it accepts the following values: `GREATER_THAN`, `LESS_THAN`	false
`threshold`	字符串	Threshold value outside which an alert will be triggered.	false
`units`	字符串	The `units` for the threshold value	false

AtlasProject.status.cloudProviderIntegrations

`Name`	类型	说明	必需
`atlasAssumedRoleExternalId`	字符串	Unique external `ID` that `MongoDB` Atlas uses when it assumes the `IAM` role in your Amazon Web Services account.	true
`providerName`	字符串	用于标识角色的云提供商的人类可读标签。	true
`atlasAWSAccountArn`	字符串	Amazon Resource Name that identifies the Amazon Web Services user account that `MongoDB` Atlas uses when it assumes the Identity and Access Management role.	false
`authorizedDate`	字符串	Date and time when someone authorized this role for the specified cloud service provider. This parameter expresses its value in the `ISO` 8601 timestamp format in `UTC`.	false
`createdDate`	字符串	Date and time when someone created this role for the specified cloud service provider. This parameter expresses its value in the `ISO` 8601 timestamp format in `UTC`.	false
`errorMessage`	字符串	Application error message returned.	false
`featureUsages`	[]object	List that contains application features associated with this Amazon Web Services Identity and Access Management role.	false
`iamAssumedRoleArn`	字符串	Amazon Resource Name that identifies the Amazon Web Services Identity and Access Management role that `MongoDB` Cloud assumes when it accesses resources in your `AWS` account.	false
`roleId`	字符串	用于标识角色的唯一的 24 位十六进制数字字符串。	false
`status`	字符串	Provision `status` of the service account. Values are `IN_PROGRESS`, `COMPLETE`, `FAILED`, or `NOT_INITIATED`.	false

AtlasProject.status.cloudProviderIntegrations.featureUsages

`Name`	类型	说明	必需
`featureId`	字符串	Identifying characteristics about the data lake linked to this Amazon Web Services Identity and Access Management role.	false
`featureType`	字符串	Human-readable label that describes one `MongoDB` Cloud feature linked to this Amazon Web Services Identity and Access Management role.	false

AtlasProject.status.customRoles

`Name`	类型	说明	必需
`name`	字符串	Role `name` which is unique	true
`status`	字符串	The `status` of the given custom role (`OK` or `FAILED`)	true
`error`	字符串	The message when the custom role is in the `FAILED` status	false

AtlasProject.status.expiredIpAccessList

`Name`	类型	说明	必需
`awsSecurityGroup`	字符串	Unique identifier of `AWS` security group in this access list entry.	false
`cidrBlock`	字符串	Range of `IP` addresses in `CIDR` notation in this access list entry.	false
`comment`	字符串	与此访问权限列表条目关联的注释。	false
`deleteAfterDate`	字符串	Timestamp in `ISO` 8601 date and time format in `UTC` after which Atlas deletes the temporary access list entry.	false
`ipAddress`	字符串	Entry using an `IP` address in this access list entry.	false

AtlasProject.status.networkPeers

`Name`	类型	说明	必需
`id`	字符串	Unique identifier for `NetworkPeer`.	true
`providerName`	字符串	Cloud provider for which you want to retrieve a network peer.	true
`region`	字符串	Region for which you want to create the network peer. It isn't needed for `GCP`	true
`atlasGcpProjectId`	字符串	`ProjectID` of Atlas container. Applicable only for `GCP`. It's needed to add network peer connection.	false
`atlasNetworkName`	字符串	Atlas Network Name. Applicable only for `GCP`. It's needed to add network peer connection.	false
`connectionId`	字符串	Unique identifier of the network peer connection. Applicable only for `AWS`.	false
`containerId`	字符串	`ContainerID` of Atlas network peer container.	false
`errorMessage`	字符串	Error state of the network peer. Applicable only for `GCP`.	false
`errorState`	字符串	Error state of the network peer. Applicable only for Azure.	false
`errorStateName`	字符串	Error state of the network peer. Applicable only for `AWS`.	false
`gcpProjectId`	字符串	`ProjectID` of the user's vpc. Applicable only for `GCP`.	false
`status`	字符串	Status of the network peer. Applicable only for `GCP` and Azure.	false
`statusName`	字符串	Status of the network peer. Applicable only for `AWS`.	false
`vpc`	字符串	`VPC` is general purpose field for storing the name of the `VPC`. `VPC` is `vpcID` for `AWS`, user `networkName` for `GCP`, and `vnetName` for Azure.	false

AtlasProject.status.privateEndpoints

`Name`	类型	说明	必需
`provider`	字符串	Cloud `provider` for which you want to retrieve a private endpoint service. Atlas accepts `AWS` or `AZURE`.	true
`region`	字符串	Cloud provider `region` for which you want to create the private endpoint service.	true
`endpoints`	[]object	Collection of individual `GCP` private `endpoints` that comprise your network endpoint group.	false
`id`	字符串	Unique identifier for `AWS` or `AZURE` Private Link Connection.	false
`interfaceEndpointId`	字符串	Unique identifier of the `AWS` or Azure Private Link Interface Endpoint.	false
`serviceAttachmentNames`	[]string	Unique alphanumeric and special character strings that identify the service attachments associated with the `GCP` Private Service Connect endpoint service.	false
`serviceName`	字符串	Name of the `AWS` or Azure Private Link Service that Atlas manages.	false
`serviceResourceId`	字符串	Unique identifier of the Azure Private Link Service (for `AWS` the same as `ID`).	false

AtlasProject.status.privateEndpoints.endpoints

`Name`	类型	说明	必需
`endpointName`	字符串	人类可读标签，用于标识您创建的 Google Cloud 消费者转发规则。	true
`ipAddress`	字符串	此 Google Cloud 使用方转发规则解析为的一个私有互联网协议版本 4 (IPv4)解决。	true
`status`	字符串	State of the `MongoDB` Atlas endpoint group when `MongoDB` Cloud received this request.	true

AtlasProject.status.prometheus

Prometheus contains the status for Prometheus integration including the prometheusDiscoveryURL

`Name`	类型	说明	必需
`prometheusDiscoveryURL`	字符串	`URL` from which Prometheus fetches the targets.	false
`scheme`	字符串	Protocol `scheme` used for Prometheus requests.	false

AtlasProject.status.teams

`Name`	类型	说明	必需
`teamRef`	对象	`ResourceRefNamespaced` is a reference to a Kubernetes Resource that allows to configure the namespace	true
`id`	字符串		false

AtlasProject.status.teams.teamRef

ResourceRefNamespaced is a reference to a Kubernetes Resource that allows to configure the namespace

`Name`	类型	说明	必需
`name`	字符串	Name of the Kubernetes Resource	true
`namespace`	字符串	Namespace of the Kubernetes Resource	false

后退

自定义资源

来年

Atlas 部署