Create One Private Link Connection

POST /api/atlas/v2/groups/{groupId}/streams/privateLinkConnections

Creates one Private Link in the specified project. To use this resource, the requesting Service Account or API Key must have the Project Owner or Project Stream Processing Owner role.

Path parameters

  • groupId string Required

    Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.

    NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.

    Format should match the following pattern: ^([a-f0-9]{24})$.

Query parameters

  • envelope boolean

    Flag that indicates whether Application wraps the response in an envelope JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.

    Default value is false.

  • pretty boolean

    Flag that indicates whether the response body should be in the prettyprint format.

    Default value is false.

    Prettyprint
application/vnd.atlas.2023-02-01+json

Body Required

Details to create one Private Link connection for a project. project.

  • arn string

    Amazon Resource Name (ARN). Required for AWS Provider and MSK vendor.

    Format should match the following pattern: ^arn:aws:kafka.

  • azureResourceIds array[string]

    Azure Resource IDs of each availability zone for the Azure Confluent cluster.

  • dnsDomain string

    The domain hostname. Required for the following provider and vendor combinations:

    • AWS provider with CONFLUENT vendor.
    • AZURE provider with EVENTHUB or CONFLUENT vendor.
  • dnsSubDomain array[string]

    Sub-Domain name of Confluent cluster. These are typically your availability zones. Required for AWS Provider and CONFLUENT vendor, if your AWS CONFLUENT cluster doesn't use subdomains, you must set this to the empty array [].

  • provider string Required

    Provider where the Kafka cluster is deployed. Valid values are AWS and AZURE.

  • region string

    The region of the Provider’s cluster. See AZURE and AWS supported regions.

  • serviceEndpointId string

    For AZURE EVENTHUB, this is the namespace endpoint ID. For AWS CONFLUENT cluster, this is the VPC Endpoint service name.

  • vendor string

    Vendor that manages the cloud service. The following are the vendor values per provider:

    • AWS -- MSK for AWS MSK Kafka clusters -- CONFLUENT for Confluent Kafka clusters on AWS -- KINESIS for AWS Kinesis Data Streams (coming soon).

    • Azure -- EVENTHUB for Azure EventHub. -- CONFLUENT for the Confluent Kafka clusters on Azure

    NOTE Omitting the vendor field will default to using the GENERIC vendor.

Responses

  • 200 application/vnd.atlas.2023-02-01+json

    OK

    Hide response attributes Show response attributes object
    • _id string

      The ID of the Private Link connection.

      Format should match the following pattern: ^([a-f0-9]{24})$.

    • arn string

      Amazon Resource Name (ARN). Required for AWS Provider and MSK vendor.

      Format should match the following pattern: ^arn:aws:kafka.

    • azureResourceIds array[string]

      Azure Resource IDs of each availability zone for the Azure Confluent cluster.

    • dnsDomain string

      The domain hostname. Required for the following provider and vendor combinations:

      • AWS provider with CONFLUENT vendor.
      • AZURE provider with EVENTHUB or CONFLUENT vendor.
    • dnsSubDomain array[string]

      Sub-Domain name of Confluent cluster. These are typically your availability zones. Required for AWS Provider and CONFLUENT vendor, if your AWS CONFLUENT cluster doesn't use subdomains, you must set this to the empty array [].

    • errorMessage string

      Error message if the state is FAILED.

    • interfaceEndpointId string

      Interface endpoint ID that is created from the service endpoint ID provided.

    • interfaceEndpointName string

      Interface endpoint name that is created from the service endpoint ID provided.

    • provider string Required

      Provider where the Kafka cluster is deployed. Valid values are AWS and AZURE.

    • providerAccountId string

      Account ID from the cloud provider.

    • region string

      The region of the Provider’s cluster. See AZURE and AWS supported regions.

    • serviceEndpointId string

      For AZURE EVENTHUB, this is the namespace endpoint ID. For AWS CONFLUENT cluster, this is the VPC Endpoint service name.

    • state string

      State the connection is in.

    • vendor string

      Vendor that manages the cloud service. The following are the vendor values per provider:

      • AWS -- MSK for AWS MSK Kafka clusters -- CONFLUENT for Confluent Kafka clusters on AWS -- KINESIS for AWS Kinesis Data Streams (coming soon).

      • Azure -- EVENTHUB for Azure EventHub. -- CONFLUENT for the Confluent Kafka clusters on Azure

      NOTE Omitting the vendor field will default to using the GENERIC vendor.

  • 400 application/json

    Bad Request.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

  • 401 application/json

    Unauthorized.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

  • 403 application/json

    Forbidden.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

  • 404 application/json

    Not Found.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

  • 409 application/json

    Unauthorized.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

  • 500 application/json

    Internal Server Error.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

POST /api/atlas/v2/groups/{groupId}/streams/privateLinkConnections
atlas api createPrivateLinkConnection --help
import (
	"os"
	"context"
	"log"
	sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)

func main() {
	ctx := context.Background()
	clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
	clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")

	client, err := sdk.NewClient(
		sdk.UseOAuthAuth(clientID, clientSecret),
		sdk.UseBaseURL(url))

	if err != nil {
		log.Fatalf("Error: %v", err)
	}

	params = &sdk.CreatePrivateLinkConnectionApiParams{}
	sdkResp, httpResp, err := client.StreamsApi.
		CreatePrivateLinkConnectionWithParams(ctx, params).
		Execute()
}
curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
  --header "Accept: application/vnd.atlas.2025-03-12+json" \
  --header "Content-Type: application/json" \
  -X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/streams/privateLinkConnections" \
  -d '{ <Payload> }'
curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
  --digest \
  --header "Accept: application/vnd.atlas.2025-03-12+json" \
  --header "Content-Type: application/json" \
  -X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/streams/privateLinkConnections" \
  -d '{ <Payload> }'
Request examples
{
  "arn": "string",
  "azureResourceIds": [
    "string"
  ],
  "dnsDomain": "string",
  "dnsSubDomain": [
    "string"
  ],
  "provider": "string",
  "region": "string",
  "serviceEndpointId": "string",
  "vendor": "string"
}
Response examples (200)
{
  "_id": "32b6e34b3d91647abb20e7b8",
  "arn": "string",
  "azureResourceIds": [
    "string"
  ],
  "dnsDomain": "string",
  "dnsSubDomain": [
    "string"
  ],
  "errorMessage": "string",
  "interfaceEndpointId": "string",
  "interfaceEndpointName": "string",
  "links": [
    {
      "href": "https://cloud.mongodb.com/api/atlas",
      "rel": "self"
    }
  ],
  "provider": "string",
  "providerAccountId": "string",
  "region": "string",
  "serviceEndpointId": "string",
  "state": "string",
  "vendor": "string"
}
Response examples (400)
{
  "error": 400,
  "detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
  "reason": "Bad Request",
  "errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
  "error": 401,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Unauthorized",
  "errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
  "error": 403,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Forbidden",
  "errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
  "error": 404,
  "detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
  "reason": "Not Found",
  "errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (409)
{
  "error": 401,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Unauthorized",
  "errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (500)
{
  "error": 500,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Internal Server Error",
  "errorCode": "UNEXPECTED_ERROR"
}