Create One New Network Peering Connection¶
Create one network peering connection in an Atlas project. You must
have either the Project Owner or Organization Owner role to succesfully call this endpoint.
Groups and projects are synonymous terms. Your {GROUP-ID} is the
same as your project ID. For existing groups, your group/project ID
remains the same. The resource and corresponding endpoints use the
term groups.
Base URL: https://cloud.mongodb.com/api/atlas/v1.0
Azure Prerequisites¶
For details about how Atlas creates
Network Peering
connections with Azure VPC �s, see the Azure tab in
Set up a Network Peering Connection.
You must complete the following steps before you create each Azure network peering connection:
Run the following Azure CLI command to create a service principal using the specified Atlas peering application ID:
az ad sp create --id e90a1407-55c3-432d-9cb1-3638900a9d22 You only have to do this once for each subscription. If you receive the following message, the service principal with the Atlas peering application ID already exists. Proceed to the next step.
Another object with the same value for property servicePrincipalNames already exists. Copy the following example
peering-role.jsonfile and save it to your current working directory:1 { 2 "Name":"AtlasPeering/<azureSubscriptionId>/<resourceGroupName>/<vnetName>", 3 "IsCustom":true, 4 "Description":"Grants MongoDB access to manage peering connections on network /subscriptions/<azureSubscriptionId>/resourceGroups/<resourceGroupName>/providers/Microsoft.Network/virtualNetworks/<vnetName>", 5 "Actions":[ 6 "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read", 7 "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write", 8 "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete", 9 "Microsoft.Network/virtualNetworks/peer/action" 10 ], 11 "AssignableScopes":[ 12 "/subscriptions/<azureSubscriptionId>/resourceGroups/<resourceGroupName>/providers/Microsoft.Network/virtualNetworks/<vnetName>" 13 ] 14 } Replace the variables in the
peering-role.jsonwith details about the Azure VNet to which you want to create a peering connection:VariableDescriptionazureSubscriptionIdUnique identifer of the Azure subscription in which the VNet resides.resourceGroupNameName of your Azure resource group.vnetNameName of your Azure VNet.Run the following Azure CLI command to create the role definition using the
peering-role.jsonfile:az role definition create --role-definition peering-role.json Run the Azure CLI command shown below to assign the role you created to the service principal.
Replace the variables with the same values you used in the
peering-role.jsonfile.az role assignment create \ --role "AtlasPeering/<azureSubscriptionId>/<resourceGroupName>/<vnetName>" \ --assignee "e90a1407-55c3-432d-9cb1-3638900a9d22" \ --scope "/subscriptions/<azureSubscriptionId>/resourceGroups/<resourceGroupName>/providers/Microsoft.Network/virtualNetworks/<vnetName>"
Resource¶
POST /groups/{GROUP-ID}/peers
Request Path Parameters¶
Parameter | Type | Necessity | Description |
|---|---|---|---|
GROUP-ID | string | Required | Unique identifier for the project. |
Request Query Parameters¶
This endpoint might use any of the HTTP request query parameters available to all Atlas API resources. All of these are optional.
Name | Type | Necessity | Description | Default | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
pretty | boolean | Optional | Flag indicating whether the response body should be in a
prettyprint format. | false | ||||||
envelope | boolean | Optional | Flag indicating if Atlas should wrap the response in a JSON envelope. This option may be needed for some API clients. These clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. For endpoints that return one result, the response body includes:
| false |
Request Body Parameters¶
Parameter | Type | Necessity | Description |
|---|---|---|---|
accepterRegionName | string | Required | Specifies the region where the peer VPC resides.
For complete lists of supported regions, see Amazon Web Services. |
awsAccountId | string | Required | Account ID of the owner of the peer VPC . |
containerId | string | Required | Unique identifier of the Atlas VPC container for the region. You can create an Atlas network peering container using the Create Container endpoint. You cannot create more than one container per region. To retrieve a list of container IDs, use the Get list of VPC containers endpoint. |
providerName | string | Optional | Cloud provider for this VPC peering connection.
If omitted, Atlas sets this parameter to AWS. |
routeTableCidrBlock | string | Required | Peer VPC CIDR block or subnet. |
vpcId | string | Required | Unique identifier of the peer VPC . |
Response Elements¶
Body Parameter | Type | Description |
|---|---|---|
accepterRegionName | string | AWS region where the peer VPC resides. Returns null if
the region is the same region in which the Atlas VPC
resides. |
awsAccountId | string | AWS account ID of the owner of the peer VPC . |
connectionId | string | Unique identifier for the peering connection. |
containerId | string | Unique identifier of the Atlas VPC container for the AWS
region. |
errorStateName | string | Error state, if any. The VPC peering connection error state value can be one of the following:
|
id | string | CIDR block that Atlas uses for the clusters in your
project. |
routeTableCidrBlock | string | Peer VPC CIDR block or subnet. |
statusName | string | The VPC peering connection status value can be one of the following:
|
vpcId | string | Unique identifier of the peer VPC . |
Example Request¶
1 curl --user '{PUBLIC-KEY}:{PRIVATE-KEY}' --digest \ 2 --header "Accept: application/json" \ 3 --header "Content-Type: application/json" \ 4 --request POST "https://cloud.mongodb.com/api/atlas/v1.0/groups/5356823b3794dee37132bb7b/peers?pretty=true" \ 5 --data ' 6 { 7 "accepterRegionName" : "us-west-1", 8 "awsAccountId" : "abc123abc123", 9 "containerId" : "{CONTAINER-ID}", 10 "providerName" : "AWS", 11 "routeTableCidrBlock" : "192.168.0.0/24", 12 "vpcId" : "vpc-abc123abc123" 13 }'
Example Response¶
1 { 2 "accepterRegionName" : "us-west-1", 3 "awsAccountId" : "999900000000", 4 "connectionId" : null, 5 "containerId" : "{CONTAINER-ID}", 6 "errorStateName" : null, 7 "id" : "{PEERING-CONNECTION-ID}", 8 "routeTableCidrBlock" : "10.15.0.0/16", 9 "statusName" : "INITIATING", 10 "vpcId" : "vpc-abc123abc123" 11 }