- API >
- API Resources >
- Encryption at Rest >
- Get Configuration for Encryption at Rest for a Project
Get Configuration for Encryption at Rest for a Project¶
On this page
Retrieves the current configuration details for Encryption at Rest for an Atlas project.
Note
Groups and projects are synonymous terms. Your {GROUP-ID} is the
same as your project ID. For existing groups, your group/project ID
remains the same. The resource and corresponding endpoints use the
term groups.
Feature unavailable in Free and Shared Tier Clusters
This feature is not available for M0 (Free Tier), M2, and
M5 clusters. To learn more about which features are unavailable,
see Atlas M0 (Free Tier), M2, and M5 Limitations.
The Atlas API uses HTTP Digest Authentication. Provide your Atlas username and API key as the username and password when constructing the HTTP request.
For complete documentation on configuring API access for an Atlas project, see Configure Atlas API Access.
Base URL: https://cloud.mongodb.com/api/atlas/v1.0
Syntax¶
Request Path Parameters¶
| Path Element | Required/Optional | Description |
|---|---|---|
GROUP-ID |
Required. | The unique identifier for the project. |
Request Query Parameters¶
This endpoint may use any of the HTTP request query parameters available to all Atlas API resources. These are all optional.
| Name | Type | Description | Default |
|---|---|---|---|
pretty |
boolean | Displays response in a prettyprint format. | false |
envelope |
boolean | Specifies whether or not to wrap the response in an envelope. | false |
Request Body Parameters¶
This endpoint does not use HTTP request body parameters.
Response¶
| Name | Type | Description |
|---|---|---|
awsKms |
object | Specifies whether Encryption at Rest is enabled for an Atlas project and the AWS KMS configuration details. |
awsKms.accessKeyID |
string | The IAM access key ID with permissions to access the customer
master key specified by customerMasterKeyID. |
awsKms.customerMasterKeyID |
string | The AWS customer master key used to encrypt and decrypt the MongoDB master keys. |
awsKms.enabled |
boolean | Specifies whether Encryption at Rest is enabled for an Atlas project. |
awsKms.region |
string | The AWS region in which the AWS customer master key exists. |
azureKeyVault |
object | Specifies Azure Key Vault configuration details and whether Encryption at Rest is enabled for an Atlas project. |
azureKeyVault.azureEnvironment |
string | The Azure environment where the Azure account credentials reside. |
azureKeyVault.clientID |
string | The client ID, also known as the application ID, for an Azure application associated with the Azure AD tenant. |
azureKeyVault.enabled |
boolean | Specifies whether Encryption at Rest is enabled for an Atlas project and the Azure Key Vault configuration details. |
azureKeyVault.keyIdentifier |
string | The unique identifier of a key in an Azure Key Vault. |
azureKeyVault.keyVaultName |
string | The name of an Azure Key Vault containing your key. |
azureKeyVault.resourceGroupName |
string | The name of the Azure Resource group that contains an Azure Key Vault. |
azureKeyVault.subscriptionID |
string | The unique identifier associated with an Azure subscription. |
azureKeyVault.tenantID |
string | Unique identifier for an Azure AD tenant within an Azure subscription. |
Example Request¶
Example Response¶
The following example response contains configuration details for Encryption at Rest for an Atlas project using AWS KMS:
Example Response¶
The following example response contains configuration details for Encryption at Rest for an Atlas project using Azure Key Vault: