[DOCS-15953] [Atlas CLI] missing apiKey information for roles at project level vs org level Created: 08/Mar/23 Updated: 08/Nov/23 |
|
| Status: | Backlog |
| Project: | Documentation |
| Component/s: | Atlas, mcli |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Thomas Luckenbach | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | request | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Participants: | |||||
| Days since reply: | 47 weeks, 1 day ago | ||||
| Story Points: | 2 | ||||
| Description |
|
tluck@M-C02ZJQ8GMD6M ~/my_src/atlas $ atlas --profile=test-7 project apiKey create --role PROJ_OWNER --desc "test" --help MongoDB returns the private API key only once. After you run this command, immediately copy, save, and secure both the public and private API keys.
Usage: atlas projects apiKeys create [flags]
Examples: # Create an organization API key with the ORG_OWNER role and assign it to the project with ID 5e2211c17a3e5a48f5497de3: atlas projects apiKeys create --desc "My API key" --projectId 5e1234c17a3e5a48f5497de3 --role ORG_OWNER --output json
Flags: --desc string Description of the API key. -h, --help help for create -o, --output string Output format. Valid values are json, json-path, go-template, or go-template-file. --projectId string Hexadecimal string that identifies the project to use. This option overrides the settings in the configuration file or environment variable. --role strings Role or roles that you want to assign to the API key. To assign more than one role, you can specify each role with a separate role flag or specify all of the roles as a comma-separated list using one role flag. Valid values are ORG_OWNER, ORG_MEMBER, ORG_GROUP_CREATOR, ORG_BILLING_ADMIN, and ORG_READ_ONLY. the roles for a project apiKey should be:
"roleName": "GROUP_CLUSTER_MANAGER" "roleName": "GROUP_OWNER" "roleName": "ORG_MEMBER" "roleName": "GROUP_DATA_ACCESS_ADMIN" "roleName": "GROUP_DATA_ACCESS_READ_WRITE" "roleName": "GROUP_SEARCH_INDEX_EDITOR" "roleName": "GROUP_READ_ONLY" "roleName": "GROUP_DATA_ACCESS_READ_ONLY" for example: # atlas --profile=test-1 project apiKey create --role GROUP_OWNER --desc "cli 1"
|
| Comments |
| Comment by Gustavo Bazan [ 14/Mar/23 ] |
|
I have a feeling this is coming from https://github.com/10gen/mms/blob/ec7b5da4878a00ba764b5608aeaef21ce59f9cd9/server/src/main/com/xgen/svc/mms/api/view/ApiCreateApiKeyView.java#L36-L42 Seems like IAM is only documenting org level roles so I opened CLOUDP-166311 to confirm with IAM the behavior here |