Navigation

Automation Configuration

Overview

The Automation uses an automation configuration to determine the desired state of a MongoDB deployment and to effect changes as needed. If you modify the deployment through the Cloud Manager web interface, you never need manipulate this configuration.

If you are using the Automation without Cloud Manager, you can construct and distribute the configuration manually.

Optional fields are marked as such.

A field that takes a <number> as its value can take integers and floating point numbers.

Configuration Version

This lists the version of the automation configuration.

"version" : <integer>
Name Type Description
version integer The version of the configuration.

Download Base

The download base is the path to the directory where automatic version downloads will be targeted and scripts for starting processes will be created.

"options" : {
    "downloadBase" : <string>,
    "downloadBaseWindows" : <string>
}
Name Type Description
options object The options object is required and must contain both the downloadBase and downloadBaseWindows fields.
options
.downloadBase
string The directory on Linux and Unix (including Mac OS X) platforms for automatic version downloads and startup scripts.
options
.downloadBaseWindows
string The directory on Windows platforms for automatic version downloads and startup scripts.

MongoDB Versions Specifications

The mongoDbVersions array defines specification objects for the MongoDB instances found in the processes array. Each MongoDB instance in the processes array must have a specification object in this array.

"mongoDbVersions" : [
    {
        "name" : <string>,
        "builds" : [
            {
                "platform" : <string>,
                "url" : <string>,
                "gitVersion" : <string>,
                "modules" : [ <string>, ... ],
                "architecture" : <string>,
                "bits" : <integer>,
                "win2008plus" : <Boolean>,
                "winVCRedistUrl" : <string>,
                "winVCRedistOptions" : [ <string>, ... ],
                "winVCRedistDll" : <string>,
                "winVCRedistVersion" : <string>
            },
            ...
        ],
    },
    ...
]
Name Type Description
mongoDbVersions object array The mongoDbVersions array is required and defines specification objects for the MongoDB instances found in the processes array. Each MongoDB instance in processes must have a specification object in mongoDbVersions.
mongoDbVersions
.name
string The name of the specification object. The specification object is attached to a MongoDB instance through the instance’s processes.version field in this configuration.
mongoDbVersions
.builds
object array Objects that define the builds for this MongoDB instance.
mongoDbVersions
.builds
.platform
string The platform for this MongoDB instance.
mongoDbVersions
.builds
.url
string The URL from which to download MongoDB for this instance.
mongoDbVersions
.builds
.gitVersion
string The commit identifier that identifies the state of the code used to build the MongoDB process. The MongoDB buildInfo command returns the gitVersion identifier.
mongoDbVersions
.builds
.modules
array The list of modules for this version. Corresponds to the modules field returned by MongoDB 3.2+ buildInfo command.
mongoDbVersions
.builds
.architecture
string The processor’s architecture. Possible values are amd64 or ppc64le.
mongoDbVersions
.builds
.bits
integer Deprecated. The processor’s bus width. Do not remove or make modifications to this field.
mongoDbVersions
.builds
.win2008plus
Boolean Optional. Set to true if this is a Windows build that requires either Windows 7 later or Windows Server 2008 R2 or later.
mongoDbVersions
.builds
.winVCRedistUrl
string Optional. The URL from which the required version of the Microsoft Visual C++ redistributable can be downloaded.
mongoDbVersions
.builds
.winVCRedistOptions
array Optional. String values that list the command-line options to be specified when running the Microsoft Visual C++ redistributable installer. Each command-line option is a separate string in the array.
mongoDbVersions
.builds
.winVCRedistDll
string Optional. The name of the Microsoft Visual C++ runtime DLL file that the agent will check to determine if a new version of the Microsoft Visual C++ redistributable is needed.
mongoDbVersions
.builds
.winVCRedistVersion
string Optional. The minimum version of the Microsoft Visual C++ runtime DLL that must be present to skip over the installation of the Microsoft Visual C++ redistributable.

Automation

The agentVersion object is optional and specifies the version of Automation Agent.

Note

While you can update the Automation Agent version through this configuration property, it is recommended to use the Update Agent Versions endpoint to ensure your versions are up to date.

"agentVersion" : {
    "name" : <string>,
    "directoryUrl" : <string>
}
Name Type Description
agentVersion object Optional The version of the Automation Agent to run. If the running version does not match this setting, the Automation Agent downloads the specified version, shuts itself down, and starts the new version.
agentVersion
.name
string The desired version of the Automation Agent (e.g. “1.8.1.1042-1”).
agentVersion
.directoryUrl
string The URL from which to download Automation Agent.

Monitoring

The monitoringVersions array is optional and specifies the version of the Monitoring.

"monitoringVersions" : [
    {
        "name" : <string>,
        "hostname" : <string>,
        "urls" : {
            <platform1> : {
                <build1> : <string>,
                ...,
                "default" : <string>
            },
            ...
        },
        "baseUrl" : <string>,
        "logPath" : <string>,
        "logRotate" : {
            "sizeThresholdMB" : <number>,
            "timeThresholdHrs" : <integer>,
            "numUncompressed": <integer>,
            "percentOfDiskspace" : <number>,
            "numTotal" : <integer>
        }
    },
    ...
]
Name Type Description
monitoringVersions object array Optional. Objects that define version information for each Monitoring.
monitoringVersions
.name
string

Version of the Monitoring (e.g. “2.9.1.176-1”).

For MongoDB compatibility with Automation, see MongoDB Compatibility Matrix.

Important

This property is read-only. Any modifications made to this property are not reflected when updating the Monitoring through the API. To update the Monitoring Agent version, see this endpoint.

monitoringVersions
.hostname
string The hostname of the machine that runs the Monitoring. If the Monitoring is not running on the machine, Cloud Manager installs the agent from the location specified in monitoringVersions.urls.
monitoringVersions
.urls
object The platform- and build-specific URLs from which to download the Monitoring.
monitoringVersions
.urls
.<platform>
object This field has a name that identifies an operating system and optionally a version. The field contains an object with key-value pairs, where each key is either the name of a build or default and each value is a URL for downloading the Monitoring. The object must include the default key set to the default download URL for the platform.
monitoringVersions
.baseUrl
string The base URL used for the mmsBaseUrl setting in the Monitoring Agent Configuration.
monitoringVersions
.logPath
string Optional. The directory where the agent stores its logs. The default is to store logs in /dev/null. To update, see the monitoringAgentConfig endpoint.
monitoringVersions
.logRotate
object Optional. Enables log rotation for the MongoDB logs for a process. To update, see the monitoringAgentConfig endpoint.
monitoringVersions
.logRotate
.sizeThresholdMB
number The maximum size in MB for an individual log file before rotation. To update, see the monitoringAgentConfig endpoint.
monitoringVersions
.logRotate
.timeThresholdHrs
integer The maximum time in hours for an individual log file before rotation. To update, see the monitoringAgentConfig endpoint.
monitoringVersions
.logRotate
.numUncompressed
integer Optional. The maximum number of total log files to leave uncompressed, including the current log file. The default is 5. In earlier versions of Cloud Manager, this field was named maxUncompressed. The earlier name is still recognized, though the new version is preferred. To update, see the monitoringAgentConfig endpoint.
monitoringVersions
.logRotate
.percentOfDiskspace
number Optional. The maximum percentage of total disk space all log files should take up before deletion. The default is .02. To update, see the monitoringAgentConfig endpoint.
monitoringVersions
.logRotate
.numTotal
integer Optional. The total number of log files. If a number is not specified, the total number of log files defaults to 0 and is determined by other monitoringVersions.logRotate settings.

Backup

The backupVersions array is optional and specifies the version of the Backup.

"backupVersions" : [
    {
        "name" : <string>,
        "hostname" : <string>,
        "urls" : {
            <platform1> : {
                <build1> : <string>,
                ...,
                "default" : <string>
            },
            ...
        },
        "baseUrl" : <string>,
        "logPath" : <string>,
        "logRotate" : {
            "sizeThresholdMB" : <number>,
            "timeThresholdHrs" : <integer>,
            "numUncompressed": <integer>,
            "percentOfDiskspace" : <number>,
            "numTotal" : <integer>
        }
    },
    ...
]
Name Type Description
backupVersions object array Optional. Objects that define version information for each Backup.
backupVersions
.name
string

Version of the Backup (e.g. “3.1.1.263-1”).

For MongoDB compatibility with Automation, see MongoDB Compatibility Matrix.

Important

This property is read-only. Any modifications made to this property are not reflected when updating the Backup through the API. To update the Backup Agent version, see this endpoint.

backupVersions
.hostname
string The hostname of the machine that runs the Backup. If the Backup is not running on the machine, Cloud Manager installs the agent from the location specified in backupVersions.urls.
backupVersions
.urls
object The platform- and build-specific URLs from which to download the Backup.
backupVersions
.urls
.<platform>
object This field has a name that identifies an operating system and optionally a version. The field contains an object with key-value pairs, where each key is either the name of a build or default and each value is a URL for downloading the Backup. The object must include the default key set to the default download URL for the platform.
backupVersions
.baseUrl
string The base URL used for the mothership and https settings in the Backup Agent Configuration. For example, for "baseUrl"=https://cloud.mongodb.com, the backup configuration fields would have these values: mothership=api-backup.mongodb.com and https"=true.
backupVersions
.logPath
string Optional. The directory where the agent stores its logs. The default is to store logs in /dev/null. To update, see the backupAgentConfig endpoint.
backupVersions
.logRotate
object Optional. Enables log rotation for the MongoDB logs for a process. To update, see the backupAgentConfig endpoint.
backupVersions
.logRotate
.sizeThresholdMB
number The maximum size in MB for an individual log file before rotation. To update, see the backupAgentConfig endpoint.
backupVersions
.logRotate
.timeThresholdHrs
integer The maximum time in hours for an individual log file before rotation. To update, see the backupAgentConfig endpoint.
backupVersions
.logRotate
.numUncompressed
integer Optional. The maximum number of total log files to leave uncompressed, including the current log file. The default is 5. To update, see the backupAgentConfig endpoint.
backupVersions
.logRotate
.percentOfDiskspace
number Optional. The maximum percentage of total disk space all log files should take up before deletion. The default is .02. To update, see the backupAgentConfig endpoint.
backupVersions
.logRotate
.numTotal
integer Optional. If a number is not specified, the total number of log files defaults to 0 and is determined by other backupVersion.logRotate settings.

MongoDB Instances

The processes array determines the configuration of your MongoDB instances. You can restore an instance using this array.

"processes": [{
  "<args>": "<object>",
  "alias": "<string>",
  "backupRestoreUrl": "<string>",
  "authSchemaVersion": "<integer>",
  "cluster": "<string>",
  "disabled": "<Boolean>",
  "featureCompatibilityVersion": "<string>",
  "hostname": "<string>",
  "lastCompact" : "<dateInIso8601Format>",
  "logRotate": {
    "sizeThresholdMB": "<number>",
    "timeThresholdHrs": "<integer>",
    "numUncompressed": "<integer>",
    "percentOfDiskspace": "<number>",
    "numTotal": "<integer>"
  },
  "manualMode": "<Boolean>",
  "name": "<string>",
  "numCores": "<integer>",
  "processType": "<string>",
  "version": "<string>"
}]
Name Type Necessity Description
processes array of objects Required Contains objects that define the mongos and mongod instances that Cloud Manager monitors. Each object defines a different instance.
processes
.args2_6
object Required

MongoDB configuration object for MongoDB versions 2.6 and later.

processes
.alias
string Optional Hostname alias (often a DNS CNAME) for the host on which the process runs. If an alias is specified, the MongoDB Agent prefers this alias over the hostname specified in processes.hostname when connecting to the host. You can also specify this alias in replicaSets.host and sharding.configServer.
processes
.authSchemaVersion
integer Required

Schema version of the user credentials for MongoDB database users. This should match all other elements of the processes array that belong to the same cluster.

  • Cloud Manager accepts 3 and 5 for this parameter.
  • MongoDB 3.x and 4.x clusters default to 5.
  • MongoDB 2.6 clusters default to 3.

See also

Upgrade to SCRAM-SHA-1 in the MongoDB 3.0 release notes.

processes
.backupRestoreUrl
string Optional

Delivery URL for the restore. Cloud Manager sets this when creating a restore.

processes
.cluster
string Conditional

Name of the sharded cluster. Set this value to the same value in the sharding.name parameter in the sharding array for the mongos.

processes
.disabled
Boolean Optional Flag that indicates if this process should be shut down. Set to true to shut down the process.
processes
.featureCompatibilityVersion
string Required

Version of MongoDB with which this process has feature compatibility. Changing this value can enable or disable certain features that persist data incompatible with MongoDB versions earlier or later than the featureCompatibilityVersion you choose.

  • Cloud Manager accepts 3.2, 3.6, 4.0 and 4.2 as parameter values. If you have an existing deployment, Cloud Manager only accepts a featureCompatibilityVersion equal to or one release older than the MongoDB version you deployed. To learn which of these parameter values is supported for each MongoDB version, and which features each of these values enable or disable, see setFeatureCompatibilityVersion in the MongoDB Manual.
  • Cloud Manager sets this parameter to match the MongoDB version for new deployments.
  • Cloud Manager doesn’t automatically increment this parameter when you upgrade a host from one MongoDB version to the next.
processes
.hostname
string Required Name of the host that serves this process. This defaults to localhost.
processes
.lastCompact
string Optional

Timestamp in ISO 8601 date and time format in UTC when Cloud Manager last reclaimed free space on a cluster’s disks. During certain operations, MongoDB might move or delete data but it doesn’t free the now unused space. Cloud Manager reclaims the disk space in a rolling fashion across members of the replica set or shards.

To reclaim this space:

  • Immediately, set this value to the current time as an ISO 8601 timestamp.
  • Later, set this value to a future ISO 8601 timestamp. Cloud Manager reclaims the space after the current time passes the provided timestamp.

Note

Make sure to specify a time zone with your ISO 8601 timestamp. This removes any ambiguity as to when you intend to compact the cluster.

Example

To set processes.lastCompact to 28 January 2020 at 2:43:52 PM US Central Standard Time, you would write:

"processes.lastCompact" : "2020-01-28T14:43:52-06:00"
processes
.logRotate
object Optional MongoDB configuration object for rotating the MongoDB logs of a process.
processes
.logRotate
.numTotal
integer Optional Total number of log files that Cloud Manager retains. If you don’t set this value, the total number of log files defaults to 0. Cloud Manager bases rotation on your other processes.logRotate settings.
processes
.logRotate
.numUncompressed
integer Optional Maximum number of total log files to leave uncompressed, including the current log file. The default is 5.
processes
.logRotate
.percentOfDiskspace
number Optional

Maximum percentage of total disk space that Cloud Manager can use to store the log files expressed as decimal. If this limit is exceeded, Cloud Manager deletes compressed log files until it meets this limit. Cloud Manager deletes the oldest log files first.

The default is 0.02.

processes
.logRotate
.sizeThresholdMB
number Required Maximum size in MB for an individual log file before Cloud Manager rotates it. Cloud Manager rotates the log file immediately if it meets the value given in either this sizeThresholdMB or the processes.logRotate.timeThresholdHrs limit.
processes
.logRotate
.timeThresholdHrs
integer Required

Maximum duration in hours for an individual log file before the next rotation. The time is since the last rotation.

Cloud Manager rotates the log file once the file meets either this timeThresholdHrs or the processes.logRotate.sizeThresholdMB limit.

processes
.manualMode
Boolean Optional

Flag that indicates if MongoDB Agent automates this process.

  • This defaults to false.
  • Set to true to disable Automation on this process. The MongoDB Agent takes no further actions on this process.
  • Set to false to enable Automation on this process. The MongoDB Agent automates actions on this process.
processes
.name
string Required Unique name to identify the instance.
processes
.numCores
integer Optional Number of cores that Cloud Manager should bind to this process. The MongoDB Agent distributes processes across the cores as evenly as possible.
processes
.processType
string Required Type of MongoDB process being run. Cloud Manager accepts mongod or mongos for this parameter.
processes
.version
string Required Name of the mongoDbVersions specification used with this instance.

Replica Sets

The replicaSets array defines each replica set’s configuration. This field is required for deployments with replica sets.

"replicaSets": [{
  "_id": "<string>",
  "protocolVersion": "<integer>",
  "members": [{
    "_id": <integer>,
    "host": "<string>",
  "force": {
    "currentVersion": <integer>
  }]
}]
Name Type Description
replicaSets object array Optional. Objects that define the configuration of each replica set. The Automation uses the values in this array to create valid replica set configuration documents. The agent regularly checks that replica sets are configured correctly. If a problem occurs, the agent reconfigures the replica set according to its configuration document. The array can contain the following top-level fields from a replica set configuration document: _id; version; and members. For more information on the configuration documents, see replSetGetConfig in the MongoDB manual.
replicaSets
._id
string The name of the replica set.
replicaSets
.protocolVersion
integer The protocol version of the replica set.
replicaSets
.members
object array Objects that define each member of the replica set. The members.host field must specify the host’s name as listed in processes.name. The Automation expands the host field to create a valid replica set configuration. For more information on members objects, see replSetGetConfig in the MongoDB manual.
replicaSets
.force
object

Object that instructs the MongoDB Agent to force a replica set to use the Configuration Version specified in replicaSets.force.CurrentVersion.

With this object, the MongoDB Agent can force a replica set to accept a new configuration to recover from a state in which a minority of its members are available.

replicaSets
.force
.currentVersion
integer

The Configuration Version that the MongoDB Agent forces the replica set to use. Set to -1 to force a replica set to accept a new configuration.

Warning

Forcing a replica set reconfiguration might lead to a rollback of majority-committed writes.

Proceed with caution. Contact MongoDB Support if you have questions about the potential impacts of this operation.

Sharded Clusters

The sharding array defines the configuration of each sharded cluster. This field is required for deployments with sharded clusters.

"sharding" : [
    {
        "managedSharding" : <boolean>,
        "name" : <string>,
        "configServerReplicaSet" : <string>,
        // "configServerReplicaSet" applies if the config server is a replica set.
        // For legacy mirrored config servers, use "configServer", which takes a
        // string array.
        "collections" : [
            {
                "_id" : <string>,
                "key" : [
                    [ shard key ],
                    [ shard key ],
                    ...
                ],
                "unique" : <boolean>
            },
            ...
        ],
        "shards" : [
            {
                "_id" : <string>,
                "rs" : <string>,
                "tags" : [ <string>, ... ]
            },
            ...
        ],
        "tags" : [
            {
                "ns" : <string>,
                "min" : [
                    {
                        "field" : <string>,
                        "fieldType" : <string>,
                        "value" : <string>
                    }
                ],
                "max" : [
                    {
                        "field" : <string>,
                        "fieldType" : <string>,
                        "value" : <string>
                    }
                ],
                "tag" : <string>
            },
            ...
        ]
    },
    ...
]
Name Type Description
sharding object array Optional. Objects that define the configuration of each sharded cluster. Each object in the array contains the specifications for one cluster. The Automation regularly checks each cluster’s state against the specifications. If the specification and cluster don’t match, the agent will change the configuration of the cluster, which might cause the balancer to migrate chunks.
sharding
.managedSharding
boolean If true, Cloud Manager Automation manages all sharded collections and tags (i.e., zones) in the deployment.
sharding
.name
string The name of the cluster. This must correspond with the value in processes.cluster for a mongos.
sharding
.configServerReplica
string

The name of the config server’s replica set.

Use this field only for a config server that is a replica set. If you use legacy mirrored config servers (config servers that are not a replica set), use sharding.configServer.

sharding
.configServer
array of strings

For legacy mirrored config servers, an array that contains the names of the config server hosts. The host names are the same names used in each host’s processes.name field.

Use this field only for legacy mirrored config servers (config servers that are not a replica set), which are available only with MongoDB 3.2 and earlier. Otherwise use sharding.configServerReplica.

Important

MongoDB 3.4 removes support for mirrored config servers.

sharding
.collections
object array Objects that define the sharded collections and their shard keys.
sharding
.collections
._id
string The namespace of the sharded collection. The namespace is the combination of the database name and the name of the collection. For example, testdb.testcoll.
sharding
.collections
.key
array of arrays The collection’s shard keys. This “array of arrays” contains a single array if there is a single shard key and contains multiple arrays if there is a compound shard key.
sharding
.collections
.unique
boolean If set to true, MongoDB enforces uniqueness for the shard key. For more information, see the sh.shardCollection() method in the MongoDB manual.
sharding
.shards
object array Objects that define the cluster’s shards.
sharding
.shards
._id
string The name of the shard.
sharding
.shards
.rs
string The name of the shard’s replica set, as specified in the replicaSets._id field.
sharding
.shards
.tags
array of strings If you use zoned sharding, the zones assigned to the shard.
sharding
.tags
object array If you use zoned sharding, this array defines the zones. Each object in this array defines a zone and configures the shard key range for that zone.
sharding
.tags
.ns
string The namespace of the collection that uses zoned sharding. The namespace is the combination of the database name and the name of the collection. For example, testdb.testcoll.
sharding
.tags
.min
array

The minimum value of the shard key range.

Specify the field name, field type, and value in a document of the following form.

{
  "field" : <string>,
  "fieldType" : <string>,
  "value" : <string>
}

fieldType must be one of the following:

  • string
  • integer
  • long
  • double
  • decimal
  • date
  • timestamp
  • oid
  • minKey
  • maxKey

value must be passed in as a string value.

To use a compound shard key, specify each field in a separate document, as shown in the example after this table. For more information on shard keys, see Shard Keys in the MongoDB manual.

sharding
.tags
.max
array

The maximum value of the shard key range.

Specify the field name, field type, and value in a document of the following form.

{
  "field" : <string>,
  "fieldType" : <string>,
  "value" : <string>
}

fieldType must be one of the following:

  • string
  • integer
  • long
  • double
  • decimal
  • date
  • timestamp
  • oid
  • minKey
  • maxKey

value must be passed in as a string value.

To use a compound shard key, specify each field in a separate document, as shown in the example after this table. For more information on shard keys, see Shard Keys in the MongoDB manual.

sharding
.tags
.tag
string The name of the zone associated with the shard key range specified by sharding.tags.min and sharding.tags.max.

Example

The sharding.tags Array with Compound Shard Key

The following example configuration defines a compound shard key range with a min value of { a : 1, b : ab } and a max value of { a : 100, b : fg }. The example defines the range on the testdb.test1 collection and assigns it to zone zone1.

"tags" : [
    {
        "ns" : "testdb.test1",
        "min" : [
            {
                "field" : "a",
                "fieldType" : "integer",
                "value" : "1"
            },
            {
                "field" : "b",
                "fieldType" : "string",
                "value" : "ab"
            }
        ],
        "max" : [
            {
                "field" : "a",
                "fieldType" : "integer",
                "value" : "100"
            },
            {
                "field" : "b",
                "fieldType" : "string",
                "value" : "fg"
            }
        ],
        "tag" : "zone1"
    }
]

Cluster Balancer

The balancer object is optional and defines balancer settings for each cluster.

"balancer": {
    "<clusterName1>": <object>,
    "<clusterName2>": <object>,
    ...
}
Name Type Description
balancer object Optional. This object contains fields named according to clusters, each field containing an object with the desired balancer settings for the cluster. The object uses the stopped and activeWindow fields, as described in the procedure to schedule the balancing window in this tutorial in the MongoDB manual.

Authentication

Cloud Manager doesn’t require the auth object. This object defines authentication-related settings.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
{
  "auth": {
    "authoritativeSet": "<boolean>",
    "autoUser": "<string>",
    "autoPwd": "<string>",
    "disabled": "<boolean>",
    "deploymentAuthMechanisms": ["<string>", "<string>"],
    "key": "<string>",
    "keyfile": "<string>",
    "usersDeleted": [{
      "user": "<string>",
      "dbs": ["<string>", "<string>"]
    }],
    "usersWanted": [{
      "authenticationRestrictions": [{
        "clientSource": ["<IP | CIDR range>", "<IP | CIDR range>"],
        "serverAddress": ["<IP | CIDR range>", "<IP | CIDR range>"]
      }],
      "db": "<string>",
      "initPwd": "<string>",
      "otherDBRoles": {
        "<string>": ["<string>", "<string>"]
      },
      "roles": ["<string>", "<string>"],
      "pwd": "<string>",
      "user": "<string>"
    }]
  }
}
Name Type Necessity Description
auth object Optional

Defines authentication-related settings.

Note

If you omit this parameter, skip the rest of this section.

auth
.authoritativeSet
boolean Conditional

Sets whether or not Cloud Manager enforces a consistent set of managed MongoDB users and roles in all managed deployments in the project.

auth.authoritativeSet defaults to false.

Required if "auth" : true.

auth
.autoUser
string Conditional

Username that the Automation uses when connecting to an instance.

Required if "auth" : true.

auth
.autoPwd
string Conditional

Password that the Automation uses when connecting to an instance.

Required if "auth" : true.

auth
.disabled
boolean Optional Flag indicating if auth is disabled. If not specified, disabled defaults to false.
auth
.deploymentAuthMechanisms
array of strings Conditional

Lists the supported authentication mechanisms for the processes in the deployment.

Required if "auth" : true.

Specify:

Value Authentication Mechanism
MONGODB-CR MONGODB-CR / SCRAM-SHA-1
MONGODB-X509 x.509 Client Certificate
PLAIN LDAP
GSSAPI Kerberos
auth
.key
string Conditional

Contents of the key file that Cloud Manager uses to authenticate to the MongoDB processes.

Required if "auth" : true and "auth.disabled" : false.

Note

If you change the auth.key value, you must change the auth.keyfile value.

auth
.keyfile
string Conditional

Path and name of the key file that Cloud Manager uses to authenticate to the MongoDB processes.

Required if "auth" : true and "auth.disabled" : false.

Note

If you change the auth.keyfile value, you must change the auth.key value.

auth
.usersDeleted
array of objects Optional Objects that define the authenticated users to be deleted from specified databases or from all databases. This array must contain auth.usersDeleted.user and auth.usersDeleted.dbs.
auth
.usersDeleted
.[n]
.user
string Optional Username of user that Cloud Manager should delete.
auth
.usersDeleted
.[n]
.dbs
array of strings Optional List the names of the databases from which Cloud Manager should delete the authenticated user.
auth
.usersWanted
array of objects Optional Contains objects that define authenticated users to add to specified databases. Each object must have the auth.usersWanted[n].db, auth.usersWanted[n].user, and auth.usersWanted[n].roles parameters, and then have exactly one of the following parameters: auth.usersWanted[n].pwd, auth.usersWanted[n].initPwd, or auth.usersWanted[n].userSource.
auth
.usersWanted
.[n]
.db
string Conditional Database to which to add the user.
auth
.usersWanted
.[n]
.user
string Conditional Name of the user that Cloud Manager should add.
auth
.usersWanted
.[n]
.roles
array Conditional List of the roles to be assigned to the user from the user’s database, which is specified in auth.usersWanted[n].db.
auth
.usersWanted
.[n]
.pwd
string Conditional

32-character hex SCRAM-SHA-1 hash of the password currently assigned to the user.

Cloud Manager doesn’t use this parameter to set or change a password.

Required if:

  • "auth" : true,
  • "auth.deploymentAuthMechanisms" : "MONGODB-CR", and
  • "auth.usersWanted[n].initPwd" is unset.
auth
.usersWanted
.[n]
.initPwd
string Conditional

Cleartext password that you want to assign to the user.

Required if:

  • "auth" : true,
  • "auth.deploymentAuthMechanisms" : "MONGODB-CR", and
  • "auth.usersWanted[n].pwd" is unset.
auth
.usersWanted
.[n]
.userSource
string Deprecated No longer supported.
auth
.usersWanted
.[n]
.otherDBRoles
object Optional If you assign the user’s database "auth.usersWanted[n].db" : "admin", then you can use this object to assign the user roles from other databases as well. The object contains key-value pairs where the key is the name of the database and the value is an array of string values that list the roles be assigned from that database.
auth
.usersWanted
.[n]
.authenticationRestrictions
array of documents Optional

Authentication restrictions that the host enforces on the user.

Warning

If a user inherits multiple roles with incompatible authentications restrictions, that user becomes unusable. For example, if a user inherits one role in which the clientSource field is [198.51.100.0] and another role in which the clientSource field is [203.0.113.0], the server is unable to authenticate the user.

For more information about authentication in MongoDB, see Authentication.

auth
.usersWanted
.[n]
.authenticationRestrictions
.[k]
.clientSource
array of strings Conditional If present when authenticating a user, the host verifies that the given list contains the client’s IP address CIDR range. If the client’s IP address is not present, the host does not authenticate the user.
auth
.usersWanted
.[n]
.authenticationRestrictions
.[k]
.serverAddress
array of strings Conditional Comma-separated array of IP addresses to which the client can connect. If present, the host verifies that Cloud Manager accepted the client’s connection from an IP address in the given array. If the connection was accepted from an unrecognized IP address, the host doesn’t authenticate the user.

SSL

The ssl object enables TLS for encrypting connections. This object is optional.

"ssl" : {
    "CAFilePath" : <string>
}
Name Type Necessity Description
ssl object Optional

Enables TLS for encrypting connections. To use TLS, be sure to choose a package that supports TLS.

All platforms that support MongoDB Enterprise also support TLS.

ssl.CAFilePath string Conditional Absolute file path to the certificate used to authenticate through TLS. Required if ssl.clientCertificateMode is set.
ssl.clientCertificateMode string Conditional Declaration as to whether connections to Cloud Manager require a TLS certificate. Accepted values are OPTIONAL and REQUIRE. Required if ssl.CAFilePath is set.

MongoDB Roles

The roles array is optional and describes user-defined roles.

"roles" : [
    {
        "role" : <string>,
        "db" : <string>,
        "privileges" : [
            {
                "resource" : { ... },
                "actions" : [ <string>, ... ]
            },
            ...
        ],
        "roles" : [
            {
                "role" : <string>,
                "db" : <string>
            }
        ]
        "authenticationRestrictions" : [
               {
                  "clientSource": ["<IP>" | "<CIDR range>", ...],
                  "serverAddress": ["<IP>" | "<CIDR range>", ...]
               }, ...
            ]
    },
    ...
]
Name Type Description
roles object array Optional. The roles array contains objects that describe the cluster’s user-defined roles. Each object describes a different user-defined role. Objects in this array contain the same fields as documents in the system roles collection, except for the _id field, which is not included here.
roles
.[n]
.role
string The name of the user-defined role.
roles
.[n]
.db
string The database to which the user-defined role belongs.
roles
.[n]
.privileges
array of documents Defines the privileges for the role.
roles
.[n]
.privileges
.[i]
.resource
string Specifies the resources upon which the privilege actions apply.
roles
.[n]
.privileges
.[i]
.actions
string Specifies the actions permitted on the resource. For a list of actions, see Privilege Actions.
roles
.[n]
.roles
array of documents Specifies the roles from which this role inherits privileges.
roles
.[n]
.authenticationRestrictions
array of documents

Optional. The authentication restrictions that the server enforces on the role.

Warning

If a user inherits multiple roles with incompatible authentications restrictions, that user becomes unusable. For example, if a user inherits one role in which the clientSource field is [198.51.100.0] and another role in which the clientSource field is [203.0.113.0], the server is unable to authenticate the user.

For more information about authentication in MongoDB, see Authentication.

roles
.[n]
.authenticationRestrictions
.[k]
.clientSource
array of strings If present, when authenticating a user, the server verifies that the client’s IP address is either in the given list or belongs to a CIDR range in the list. If the client’s IP address is not present, the server does not authenticate the user.
roles
.[n]
.authenticationRestrictions
.[k]
.serverAddress
array of strings A comma-separated array of IP addresses to which the client can connect. If present, the server will verify that the client’s connection was accepted from an IP address in the given array. If the connection was accepted from an unrecognized IP address, the server does not authenticate the user.

Kerberos

The kerberos object is optional and defines a kerberos service name used in authentication.

"kerberos": {
    "serviceName": <string>
}
Name Type Description
kerberos object Optional. A key-value pair that defines the kerberos service name agents use to authenticate via kerberos.
kerberos
.serviceName
string The service name agents use to authenticate to a mongod or mongos via kerberos. This name is also used to set the saslServiceName option in a MongoDB configuration, as described on the MongoDB Server Parameters page in the MongoDB manual.

Indexes

The indexConfigs array is optional and defines indexes to be built for specific replica sets.

"indexConfigs" : [
    {
        "key" : [
            [ <string> , <val> ],
            ...
        ],
        "rsName" : <string>,
        "dbName" : <string>,
        "collectionName" : <string>
        "collation" : {
            locale : <string>,
            caseLevel : <boolean>,
            caseFirst : <string>,
            strength : <number>,
            numericOrdering : <boolean>,
            alternate : <string>,
            maxVariable : <string>,
            normalization : <boolean>,
            backwards : <boolean>
        },
        "options" : { <key> : <value>, ... }
    },
    ...
]
Name Type Necessity Description
indexConfigs object array Optional Objects that define specific indexes to be built for specific replica sets.
indexConfigs
.key
array of arrays Required Keys in the index. This “array of arrays” contains a single array if the index has just one key.
indexConfigs
.rsName
string Required The replica set that the index is built on.
indexConfigs
.dbName
string Required Database that is indexed.
indexConfigs
.collectionName
string Required Collection that is indexed.
indexConfigs
.collation
object Optional

If the index uses collation (available beginning with MongoDB 3.4), this specifies the language-specific rules to use when sorting and matching strings.

If you include the indexConfigs.collation object, you must include the indexConfigs.collation.locale field. All other fields are optional.

If you do not include the indexConfigs.collation object, the index can’t include collation.

indexConfigs
.collation
.locale
string Conditional Locale that the ICU defines. For a list of supported locales, see Collation Locales and Default Parameters in the MongoDB manual. To specify simple binary comparison, specify a value of simple.
indexConfigs
.collation
.caseLevel
boolean Optional If set to true, the index uses case comparison. This field applies only if the strength level is set to 1 or 2. See Collation in the MongoDB manual for details.
indexConfigs
.collation
.caseFirst
string Optional Determines the sort order of case differences during tertiary level comparisons. For possible values, see Collation in the MongoDB manual.
indexConfigs
.collation
.strength
number Optional Level of comparison to perform. Corresponds to ICU Comparison Levels. For possible values, see Collation in the MongoDB manual.
indexConfigs
.collation
.numericOrdering
boolean Optional

If set to true, collation compares numeric strings as numbers; i.e. 10 is greater than 2. If false, collation compares numeric strings as strings; i.e. 10 is less than 2.

The default is false. To learn more, see Collation in the MongoDB manual.

indexConfigs
.collation
.alternate
string Optional Determines whether collation should consider whitespace and punctuation as base characters during comparisons. For possible values, see Collation in the MongoDB manual.
indexConfigs
.collation
.maxVariable
string Optional Determines which characters are are considered ignorable. This field applies only if indexConfigs.collation.alternate is set to shifted. For possible values, see Collation in the MongoDB manual.
indexConfigs
.collation
.normalization
boolean Optional

If true, collation checks if text requires normalization and performs normalization to compare text.

The default is false. To learn more, see Collation in the MongoDB manual.

indexConfigs
.collation
.backwards
boolean Optional

If true, strings with diacritics sort from the back to the front of the string.

The default is false. To learn more, see Collation in the MongoDB manual.

indexConfigs
.options
document Required Index options that the MongoDB Go Driver supports.