Create One Private Endpoint for One Provider

Note

Groups and projects are synonymous terms. Your {GROUP-ID} is the same as your project ID. For existing groups, your group/project ID remains the same. The resource and corresponding endpoints use the term groups.

Create one private endpoint for AWS or Azure in an Atlas project.

If the attempt to add an endpoint fails, delete it, then try to add a new one.

The Atlas API authenticates using HTTP Digest Authentication. Provide a programmatic API public key and corresponding private key as the username and password when constructing the HTTP request.

To learn how to configure API access for an Atlas project, see Configure Atlas API Access.

You must complete the following steps for your cloud provider before you can create a private endpoint:


Create One Private Endpoint Service for One Provider in the AWS region to which you want to deploy your private endpoint.


Create the endpoint in AWS with the following information:

Note the VpcEndpointId in the response from the CreateVpcEndpoint AWS CLI command. Include the value of this field as the id in the request body for /groups/{GROUP-ID}/privateEndpoint/{CLOUD-PROVIDER}/endpointService/{ENDPOINT-SERVICE-ID}/endpoint.

You must have the Project Owner role for the project to successfully call this resource.

POST /groups/{GROUP-ID}/privateEndpoint/{CLOUD-PROVIDER}/endpointService/{ENDPOINT-SERVICE-ID}/endpoint
| Path Parameter | Type | Necessity | Description |
|---|---|---|---|
| {GROUP-ID} | string | Required | Unique identifier for the project for which you want to create a private endpoint. |
| {CLOUD-PROVIDER} | string | Required | Cloud provider for which you want to create a private endpoint. Atlas accepts AWS or AZURE. |
| {ENDPOINT-SERVICE-ID} | string | Required | Unique identifier of the private endpoint service for which you want to create a private endpoint. |

| Query Parameter | Type | Necessity | Description | Default |
|---|---|---|---|---|
| pretty | boolean | Optional | Flag indicating whether the response body should be in a prettyprint format. | false |

Flag indicating if Atlas should wrap the response in a JSON envelope.

This option may be needed for some API clients. These clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query.

For endpoints that return one result, the response body includes:

| Name | Description |
|---|---|
| status | HTTP response code |
| envelope | Expected response body |

| Body Parameter | Type | Necessity | Description |
|---|---|---|---|
| id | string | Required | Unique identifier of the private endpoint you created in your AWS VPC. |

| Response Parameter | Type | Description |
|---|---|---|
| connectionStatus | string | Status of the interface endpoint. Returns one of the values listed in the following table. |
| deleteRequested | boolean | Flag that indicates whether Atlas received a request to remove the interface endpoint from the private endpoint connection. |
| errorMessage | string | Error message pertaining to the interface endpoint. Atlas returns null if there are no errors. |
| interfaceEndpointId | string | Unique identifier of the interface endpoint. |

| connectionStatus Value | Description |
|---|---|
| NONE | Atlas created the network load balancer and VPC endpoint service, but AWS hasn't yet created the VPC endpoint. |
| PENDING_ACCEPTANCE | AWS has received the connection request from your VPC endpoint to the Atlas VPC endpoint service. |
| PENDING | AWS is establishing the connection between your VPC endpoint and the Atlas VPC endpoint service. |
| AVAILABLE | Atlas VPC resources are connected to the VPC endpoint in your VPC. You can connect to Atlas clusters in this region using AWS PrivateLink. |
| REJECTED | AWS failed to establish a connection between Atlas VPC resources and the VPC endpoint in your VPC. |
| DELETING | Atlas is removing the interface endpoint from the private endpoint connection. |

```
curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest \
  --header "Accept: application/json" \
  --header "Content-Type: application/json" \
  --request POST "https://cloud.mongodb.com/api/atlas/v1.0/groups/{GROUP-ID}/privateEndpoint/AWS/endpointService/{ENDPOINT-SERVICE-ID}/endpoint?pretty=true" \
  --data '
  {
    "id" : "vpce-0d00c26273372c6ef"
  }'
```

```
{
  "connectionStatus": "PENDING",
  "deleteRequested": false,
  "errorMessage": null,
  "interfaceEndpointId": "vpce-08fb7e9319909ec7b"
}
```
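
The following Python client is an added example, not part of the Atlas documentation. It validates the IDs before placing them in the URL path, reads the API keys from the environment instead of the command line, and maps the response fields above to a next step. The base URL, the ID formats, the `ATLAS_*` variable names and the action labels are assumptions.

```python
import json, os, re
import urllib.request

# Assumptions (not from the page): the v1.0 base URL, 24-hex Atlas IDs,
# vpce-<hex> endpoint IDs, and the ATLAS_* environment variable names.
BASE = "https://cloud.mongodb.com/api/atlas/v1.0"
ATLAS_ID = re.compile(r"[0-9a-f]{24}")
VPCE_ID = re.compile(r"vpce-[0-9a-f]{8,17}")

def build_request(group_id, service_id, vpce_id):
    """Build the POST, rejecting malformed IDs before they reach the URL path."""
    for value in (group_id, service_id):
        if not ATLAS_ID.fullmatch(value):
            raise ValueError(f"not an Atlas ID: {value!r}")
    if not VPCE_ID.fullmatch(vpce_id):
        raise ValueError(f"not a VpcEndpointId: {vpce_id!r}")
    url = (f"{BASE}/groups/{group_id}/privateEndpoint/AWS"
           f"/endpointService/{service_id}/endpoint")
    return urllib.request.Request(
        url, data=json.dumps({"id": vpce_id}).encode(), method="POST",
        headers={"Accept": "application/json", "Content-Type": "application/json"})

def digest_opener():
    """Opener that answers the Digest challenge; keys come from the
    environment so they never appear in the process argument list."""
    mgr = urllib.request.HTTPPasswordMgrWithDefaultRealm()
    mgr.add_password(None, BASE, os.environ["ATLAS_PUBLIC_KEY"],
                     os.environ["ATLAS_PRIVATE_KEY"])
    return urllib.request.build_opener(urllib.request.HTTPDigestAuthHandler(mgr))

def next_action(resp):
    """Map a response body to the operator's next step (labels are hypothetical)."""
    status = resp.get("connectionStatus")
    if resp.get("errorMessage") or status == "REJECTED":
        return "delete-and-retry"  # failed attempt: delete it, then add a new one
    if resp.get("deleteRequested") or status == "DELETING":
        return "deleting"
    if status == "AVAILABLE":
        return "ready"
    if status in ("NONE", "PENDING_ACCEPTANCE", "PENDING"):
        return "wait"
    raise ValueError(f"unexpected connectionStatus: {status!r}")

if __name__ == "__main__":
    # Constructed sample IDs; the endpoint ID is the one in the request above.
    req = build_request("5f1a2b3c4d5e6f7a8b9c0d1e", "5f1a2b3c4d5e6f7a8b9c0d1f",
                        "vpce-0d00c26273372c6ef")
    with digest_opener().open(req, timeout=30) as r:
        print(next_action(json.load(r)))
```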