Create Access List Entries for One Project Service Account
On this page
- OAuth 2.0 authentication for programmatic access to Cloud Manager is available as a Preview feature.
- The feature and the corresponding documentation might change at any time during the Preview period. To use OAuth 2.0 authentication, create a service account to use in your requests to the Cloud Manager Public API.
Base URL: https://cloud.mongodb.com/api/public/v1.0
Create one or more new access list entries for the specified service account.
Resource
POST /groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}/accessList
Request Path Parameters
Name | Type | Description |
|---|---|---|
| string | Unique identifier for the Project to which the target service account belongs. Use the /groups endpoint to retrieve all Projects to which the authenticated user has access. |
| string | Unique identifier for the service account you want to create a secret for. Use the /groups/{PROJECT-ID}/serviceAccounts endpoint to retrieve all service accounts to which the authenticated user has access for the specified Project. |
Request Query Parameters
The following query parameters are optional:
Name | Type | Description | Default | ||||||
|---|---|---|---|---|---|---|---|---|---|
pageNum | integer | Page number (1-index based). |
| ||||||
itemsPerPage | integer | Number of items to return per page, up to a maximum of 500. |
| ||||||
pretty | boolean | Indicates whether the response body should be in a prettyprint format. |
| ||||||
envelope | boolean | Indicates whether or not to wrap the response in an envelope. Some API clients cannot access the HTTP response headers or
status code. To remediate this, set For endpoints that return one result, response body includes:
For endpoints that return a list of results, the | None |
Request Body Parameters
Specify an array of documents, where each document represents one access list entry you want to add to the project. You must specify an array even if you are only associating a single access list entry to the project.
When you submit a POST request containing ipAddress or
cidrBlock values which are not already present in the access list,
Cloud Manager adds those entries to the list of existing entries in the
access list. Cloud Manager does not set the access list to only contain the
entries specified in the request.
In the following table, [i] represents an array index.
Name | Type | Description |
|---|---|---|
| string | IP address to be added to the access list for the
service account. This field is mutually exclusive with the
|
| string | Access list entry in CIDR notation to be added for the
service account. This field is mutually exclusive with the
|
Response
Response Document
The response JSON document includes an array of result objects, an array of link objects and a count of the total number of result objects retrieved.
Name | Type | Description |
|---|---|---|
| array | Array includes one object for each item detailed in the
|
| array | Array includes one or more links to sub-resources and/or related resources. The relations between URLs are explained in the Web Linking Specification. |
| number | Integer count of the total number of items in the result set. It may be greater than the number of objects in the results array if the entire result set is paginated. |
results Embedded Document
Each object within the results array is one access list entry.
Name | Type | Description |
|---|---|---|
| string | CIDR-notated range of IP addresses in the access list. |
| number | Total number of requests that have originated from this IP address. |
| date | Date this IP address was added to the access list. |
| string | IP address in the access list. |
| date | Date of the most recent request that originated from this IP address. This field only appears if at least one request has originated from this IP address, and is only updated when a resource is retrieved from the access list. |
| string | IP address from which the last call to the API was issued. This field only appears if at least one request has originated from this IP address. |
Example Request
1 curl --user '{PUBLIC-KEY}:{PRIVATE-KEY}' --digest \ 2 --header 'Accept: application/json' \ 3 --header 'Content-Type: application/json' \ 4 --include \ 5 --request POST "https://cloud.mongodb.com/api/public/v1.0/groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}/accessList?pretty=true" \ 6 --data ' 7 [{ 8 "ipAddress" : "77.54.32.11" 9 }]'
Example Response
Response Header
401 Unauthorized Content-Type: application/json;charset=ISO-8859-1 Date: {dateInUnixFormat} WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false Content-Length: {requestLengthInBytes} Connection: keep-alive
200 OK Vary: Accept-Encoding Content-Type: application/json Strict-Transport-Security: max-age=300 Date: {dateInUnixFormat} Connection: keep-alive Content-Length: {requestLengthInBytes} X-MongoDB-Service-Version: gitHash={gitHash}; versionString={ApplicationVersion}
Response Body
1 { 2 "links" : [ { 3 "href" : "https://cloud.mongodb.com/api/public/v1.0/groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}/accessList?pretty=true&pageNum=1&itemsPerPage=100", 4 "rel" : "self" 5 } ], 6 "results" : [ { 7 "cidrBlock" : "206.252.195.126/32", 8 "requestCount" : 47, 9 "createdAt" : "2019-01-24T16:26:37Z", 10 "ipAddress" : "206.252.195.126", 11 "lastUsed" : "2019-01-25T16:32:47Z", 12 "lastUsedAddress" : "206.252.195.126" 13 14 } ], 15 "totalCount" : 1 16 }