doc: Adds example & documentation for new mongodbatlas_cloud_user_org_assignment resource (#3493)

maastha · web-flow · commit e212c8193782 · 2025-07-21T23:45:56.000+02:00
diff --git a/docs/data-sources/cloud_user_org_assignment.md b/docs/data-sources/cloud_user_org_assignment.md
@@ -0,0 +1,74 @@
+# Data Source: mongodbatlas_cloud_user_org_assignment
+
+`mongodbatlas_cloud_user_org_assignment` provides a Cloud User Organization Assignment data source. The data source lets you retrieve a user assigned to an organization.
+
+**NOTE**: Users with pending invitations created using the deprecated`mongodbatlas_project_invitation` resource or via the deprecated [Invite One MongoDB Cloud User to One Project](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-getorganizationuser#tag/Projects/operation/createProjectInvitation) 
+endpoint are not returned with this resource. See  [MongoDB Atlas API](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-getorganizationuser) for details. 
+To manage such users with this resource, refer to our [migration guide]<link-to-migration-guide>.
+
+## Example Usages
+
+```terraform
+resource "mongodbatlas_cloud_user_org_assignment" "example" {
+  org_id   = var.org_id
+  username = var.user_email
+  roles = {
+    org_roles = ["ORG_MEMBER"]
+  }
+}
+
+data "mongodbatlas_cloud_user_org_assignment" "example_username" {
+  org_id   = var.org_id
+  username = var.user_email
+}
+
+data "mongodbatlas_cloud_user_org_assignment" "example_user_id" {
+  org_id  = var.org_id
+  user_id = var.user_id
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `org_id` (String) Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the [/orgs](#tag/Organizations/operation/listOrganizations) endpoint to retrieve all organizations to which the authenticated user has access.
+
+### Optional
+
+- `user_id` (String) Unique 24-hexadecimal digit string that identifies the MongoDB Cloud user.
+- `username` (String) Email address that represents the username of the MongoDB Cloud user.
+
+### Read-Only
+
+- `country` (String) Two-character alphabetical string that identifies the MongoDB Cloud user's geographic location. This parameter uses the ISO 3166-1a2 code format.
+- `created_at` (String) Date and time when MongoDB Cloud created the current account. This value is in the ISO 8601 timestamp format in UTC.
+- `first_name` (String) First or given name that belongs to the MongoDB Cloud user.
+- `invitation_created_at` (String) Date and time when MongoDB Cloud sent the invitation. MongoDB Cloud represents this timestamp in ISO 8601 format in UTC.
+- `invitation_expires_at` (String) Date and time when the invitation from MongoDB Cloud expires. MongoDB Cloud represents this timestamp in ISO 8601 format in UTC.
+- `inviter_username` (String) Username of the MongoDB Cloud user who sent the invitation to join the organization.
+- `last_auth` (String) Date and time when the current account last authenticated. This value is in the ISO 8601 timestamp format in UTC.
+- `last_name` (String) Last name, family name, or surname that belongs to the MongoDB Cloud user.
+- `mobile_number` (String) Mobile phone number that belongs to the MongoDB Cloud user.
+- `org_membership_status` (String) String enum that indicates whether the MongoDB Cloud user has a pending invitation to join the organization or they are already active in the organization.
+- `roles` (Attributes) Organization and project level roles to assign the MongoDB Cloud user within one organization. (see [below for nested schema](#nestedatt--roles))
+- `team_ids` (Set of String) List of unique 24-hexadecimal digit strings that identifies the teams to which this MongoDB Cloud user belongs.
+
+<a id="nestedatt--roles"></a>
+### Nested Schema for `roles`
+
+Read-Only:
+
+- `org_roles` (Set of String) One or more organization level roles to assign the MongoDB Cloud user.
+- `project_role_assignments` (Attributes List) List of project level role assignments to assign the MongoDB Cloud user. (see [below for nested schema](#nestedatt--roles--project_role_assignments))
+
+<a id="nestedatt--roles--project_role_assignments"></a>
+### Nested Schema for `roles.project_role_assignments`
+
+Read-Only:
+
+- `project_id` (String) Unique 24-hexadecimal digit string that identifies the project to which these roles belong.
+- `project_roles` (Set of String) One or more project-level roles assigned to the MongoDB Cloud user.
+
+For more information see: [MongoDB Atlas API - Cloud Users](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-getorganizationuser) Documentation.
diff --git a/docs/resources/cloud_user_org_assignment.md b/docs/resources/cloud_user_org_assignment.md
@@ -0,0 +1,84 @@
+# Resource: mongodbatlas_cloud_user_org_assignment
+
+`mongodbatlas_cloud_user_org_assignment` provides a Cloud User Organization Assignment resource. The resource lets you import, assign, remove, or update a user to an organization.
+
+**NOTE**: Users with pending invitations created using the deprecated `mongodbatlas_project_invitation` resource or via the deprecated [Invite One MongoDB Cloud User to One Project](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-getorganizationuser#tag/Projects/operation/createProjectInvitation)
+endpoint cannot be managed with this resource. See [MongoDB Atlas API](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-getorganizationuser) for details.
+To manage such users with this resource, refer to our [migration guide]<link-to-migration-guide>.
+
+## Example Usages
+
+```terraform
+resource "mongodbatlas_cloud_user_org_assignment" "example" {
+  org_id   = var.org_id
+  username = var.user_email
+  roles = {
+    org_roles = ["ORG_MEMBER"]
+  }
+}
+
+data "mongodbatlas_cloud_user_org_assignment" "example_username" {
+  org_id   = var.org_id
+  username = var.user_email
+}
+
+data "mongodbatlas_cloud_user_org_assignment" "example_user_id" {
+  org_id  = var.org_id
+  user_id = var.user_id
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `org_id` (String) Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the [/orgs](#tag/Organizations/operation/listOrganizations) endpoint to retrieve all organizations to which the authenticated user has access.
+- `roles` (Attributes) Organization and project level roles to assign the MongoDB Cloud user within one organization. (see [below for nested schema](#nestedatt--roles))
+- `username` (String) Email address that represents the username of the MongoDB Cloud user.
+
+### Read-Only
+
+- `country` (String) Two-character alphabetical string that identifies the MongoDB Cloud user's geographic location. This parameter uses the ISO 3166-1a2 code format.
+- `created_at` (String) Date and time when MongoDB Cloud created the current account. This value is in the ISO 8601 timestamp format in UTC.
+- `first_name` (String) First or given name that belongs to the MongoDB Cloud user.
+- `invitation_created_at` (String) Date and time when MongoDB Cloud sent the invitation. MongoDB Cloud represents this timestamp in ISO 8601 format in UTC.
+- `invitation_expires_at` (String) Date and time when the invitation from MongoDB Cloud expires. MongoDB Cloud represents this timestamp in ISO 8601 format in UTC.
+- `inviter_username` (String) Username of the MongoDB Cloud user who sent the invitation to join the organization.
+- `last_auth` (String) Date and time when the current account last authenticated. This value is in the ISO 8601 timestamp format in UTC.
+- `last_name` (String) Last name, family name, or surname that belongs to the MongoDB Cloud user.
+- `mobile_number` (String) Mobile phone number that belongs to the MongoDB Cloud user.
+- `org_membership_status` (String) String enum that indicates whether the MongoDB Cloud user has a pending invitation to join the organization or they are already active in the organization.
+- `team_ids` (Set of String) List of unique 24-hexadecimal digit strings that identifies the teams to which this MongoDB Cloud user belongs.
+- `user_id` (String) Unique 24-hexadecimal digit string that identifies the MongoDB Cloud user.
+
+<a id="nestedatt--roles"></a>
+### Nested Schema for `roles`
+
+Optional:
+
+- `org_roles` (Set of String) One or more organization level roles to assign the MongoDB Cloud user.
+
+Read-Only:
+
+- `project_role_assignments` (Attributes List) List of project level role assignments to assign the MongoDB Cloud user. (see [below for nested schema](#nestedatt--roles--project_role_assignments))
+
+<a id="nestedatt--roles--project_role_assignments"></a>
+### Nested Schema for `roles.project_role_assignments`
+
+Read-Only:
+
+- `project_id` (String) Unique 24-hexadecimal digit string that identifies the project to which these roles belong.
+- `project_roles` (Set of String) One or more project-level roles assigned to the MongoDB Cloud user.
+
+## Import
+
+Cloud User Org Assignment resource can be imported using the Org ID & Username OR Org ID & User ID, in the format `ORG_ID/USERNAME` OR `ORG_ID/USER_ID`.
+
+```
+$ terraform import mongodbatlas_cloud_user_org_assignment.test 63cfbf302333a3011d98592e/test-user@example.com
+OR
+$ terraform import mongodbatlas_cloud_user_org_assignment.test 63cfbf302333a3011d98592e/5f18367ccb7a503a2b481b7a
+```
+
+For more information see: [MongoDB Atlas API - Cloud Users](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-createorganizationuser) Documentation.
diff --git a/examples/mongodbatlas_cloud_user_org_assignment/README.md b/examples/mongodbatlas_cloud_user_org_assignment/README.md
@@ -0,0 +1,29 @@
+# Example: mongodbatlas_cloud_user_org_assignment
+
+This example demonstrates how to use the `mongodbatlas_cloud_user_org_assignment` resource to assign a user to an existing organization with specified roles in MongoDB Atlas.
+
+## Usage
+
+```hcl
+provider "mongodbatlas" {
+  public_key  = var.public_key
+  private_key = var.private_key
+}
+
+resource "mongodbatlas_cloud_user_org_assignment" "example" {
+  org_id   = var.org_id
+  username = var.user_email
+  roles = {
+    org_roles = ["ORG_MEMBER"]
+  }
+}
+```
+
+You must set the following variables:
+
+- `public_key`: Your MongoDB Atlas API public key.
+- `private_key`: Your MongoDB Atlas API private key.
+- `org_id`: The ID of the organization to assign the user to.
+- `user_email`: The email address of the user to assign.
+
+To learn more, see the [MongoDB Cloud Users Documentation](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-createorganizationuser).
diff --git a/examples/mongodbatlas_cloud_user_org_assignment/main.tf b/examples/mongodbatlas_cloud_user_org_assignment/main.tf
@@ -0,0 +1,17 @@
+resource "mongodbatlas_cloud_user_org_assignment" "example" {
+  org_id   = var.org_id
+  username = var.user_email
+  roles = {
+    org_roles = ["ORG_MEMBER"]
+  }
+}
+
+data "mongodbatlas_cloud_user_org_assignment" "example_username" {
+  org_id   = var.org_id
+  username = var.user_email
+}
+
+data "mongodbatlas_cloud_user_org_assignment" "example_user_id" {
+  org_id  = var.org_id
+  user_id = var.user_id
+}
diff --git a/examples/mongodbatlas_cloud_user_org_assignment/outputs.tf b/examples/mongodbatlas_cloud_user_org_assignment/outputs.tf
@@ -0,0 +1,14 @@
+output "user_from_username" {
+  description = "User details retrieved by username"
+  value       = data.mongodbatlas_cloud_user_org_assignment.example_username
+}
+
+output "user_from_user_id" {
+  description = "User details retrieved by user_id"
+  value       = data.mongodbatlas_cloud_user_org_assignment.example_user_id
+}
+
+output "created_user" {
+  description = "Details of the created user"
+  value       = mongodbatlas_cloud_user_org_assignment.example
+}
diff --git a/examples/mongodbatlas_cloud_user_org_assignment/provider.tf b/examples/mongodbatlas_cloud_user_org_assignment/provider.tf
@@ -0,0 +1,4 @@
+provider "mongodbatlas" {
+  public_key  = var.public_key
+  private_key = var.private_key
+}
diff --git a/examples/mongodbatlas_cloud_user_org_assignment/variables.tf b/examples/mongodbatlas_cloud_user_org_assignment/variables.tf
@@ -0,0 +1,24 @@
+variable "org_id" {
+  description = "The MongoDB Atlas organization ID"
+  type        = string
+}
+
+variable "user_email" {
+  description = "The email address of the user"
+  type        = string
+}
+
+variable "user_id" {
+  description = "The user ID"
+  type        = string
+}
+
+variable "public_key" {
+  description = "Atlas API public key"
+  type        = string
+}
+
+variable "private_key" {
+  description = "Atlas API private key"
+  type        = string
+}
diff --git a/examples/mongodbatlas_cloud_user_org_assignment/versions.tf b/examples/mongodbatlas_cloud_user_org_assignment/versions.tf
@@ -0,0 +1,9 @@
+terraform {
+  required_providers {
+    mongodbatlas = {
+      source  = "mongodb/mongodbatlas"
+      version = "~> 1.38"
+    }
+  }
+  required_version = ">= 1.0"
+}
diff --git a/templates/data-sources/cloud_user_org_assignment.md.tmpl b/templates/data-sources/cloud_user_org_assignment.md.tmpl
@@ -0,0 +1,15 @@
+# {{.Type}}: {{.Name}}
+
+`{{.Name}}` provides a Cloud User Organization Assignment data source. The data source lets you retrieve a user assigned to an organization.
+
+**NOTE**: Users with pending invitations created using the deprecated`mongodbatlas_project_invitation` resource or via the deprecated [Invite One MongoDB Cloud User to One Project](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-getorganizationuser#tag/Projects/operation/createProjectInvitation) 
+endpoint are not returned with this resource. See  [MongoDB Atlas API](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-getorganizationuser) for details. 
+To manage such users with this resource, refer to our [migration guide]<link-to-migration-guide>.
+
+## Example Usages
+
+{{ tffile (printf "examples/%s/main.tf" .Name )}}
+
+{{ .SchemaMarkdown | trimspace }}
+
+For more information see: [MongoDB Atlas API - Cloud Users](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-getorganizationuser) Documentation.
diff --git a/templates/resources/cloud_user_org_assignment.md.tmpl b/templates/resources/cloud_user_org_assignment.md.tmpl
@@ -0,0 +1,25 @@
+# {{.Type}}: {{.Name}}
+
+`{{.Name}}` provides a Cloud User Organization Assignment resource. The resource lets you import, assign, remove, or update a user to an organization.
+
+**NOTE**: Users with pending invitations created using the deprecated `mongodbatlas_project_invitation` resource or via the deprecated [Invite One MongoDB Cloud User to One Project](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-getorganizationuser#tag/Projects/operation/createProjectInvitation)
+endpoint cannot be managed with this resource. See [MongoDB Atlas API](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-getorganizationuser) for details.
+To manage such users with this resource, refer to our [migration guide]<link-to-migration-guide>.
+
+## Example Usages
+
+{{ tffile (printf "examples/%s/main.tf" .Name )}}
+
+{{ .SchemaMarkdown | trimspace }}
+
+## Import
+
+Cloud User Org Assignment resource can be imported using the Org ID & Username OR Org ID & User ID, in the format `ORG_ID/USERNAME` OR `ORG_ID/USER_ID`.
+
+```
+$ terraform import mongodbatlas_cloud_user_org_assignment.test 63cfbf302333a3011d98592e/test-user@example.com
+OR
+$ terraform import mongodbatlas_cloud_user_org_assignment.test 63cfbf302333a3011d98592e/5f18367ccb7a503a2b481b7a
+```
+
+For more information see: [MongoDB Atlas API - Cloud Users](https://www.mongodb.com/docs/api/doc/atlas-admin-api-v2/operation/operation-createorganizationuser) Documentation.
