Create One Private Link Connection
Creates one Private Link in the specified project. To use this resource, the requesting Service Account or API Key must have the Project Owner or Project Stream Processing Owner role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$
.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelope
JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false
. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false
.Prettyprint
Body
Required
Details to create one Private Link connection for a project. project.
-
Amazon Resource Name (ARN). Required for AWS Provider and MSK vendor.
Format should match the following pattern:
^arn:aws:kafka
. -
Azure Resource IDs of each availability zone for the Azure Confluent cluster.
-
The domain hostname. Required for the following provider and vendor combinations:
- AWS provider with CONFLUENT vendor.
- AZURE provider with EVENTHUB or CONFLUENT vendor.
-
Sub-Domain name of Confluent cluster. These are typically your availability zones. Required for AWS Provider and CONFLUENT vendor, if your AWS CONFLUENT cluster doesn't use subdomains, you must set this to the empty array [].
-
Provider where the Kafka cluster is deployed. Valid values are AWS and AZURE.
-
For AZURE EVENTHUB, this is the namespace endpoint ID. For AWS CONFLUENT cluster, this is the VPC Endpoint service name.
-
Vendor that manages the cloud service. The following are the vendor values per provider:
AWS -- MSK for AWS MSK Kafka clusters -- CONFLUENT for Confluent Kafka clusters on AWS -- KINESIS for AWS Kinesis Data Streams (coming soon).
Azure -- EVENTHUB for Azure EventHub. -- CONFLUENT for the Confluent Kafka clusters on Azure
NOTE Omitting the vendor field will default to using the GENERIC vendor.
atlas api createPrivateLinkConnection --help
import (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.CreatePrivateLinkConnectionApiParams{}
sdkResp, httpResp, err := client.StreamsApi.
CreatePrivateLinkConnectionWithParams(ctx, params).
Execute()
}
curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/streams/privateLinkConnections" \
-d '{ <Payload> }'
curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/streams/privateLinkConnections" \
-d '{ <Payload> }'
{
"arn": "string",
"azureResourceIds": [
"string"
],
"dnsDomain": "string",
"dnsSubDomain": [
"string"
],
"provider": "string",
"region": "string",
"serviceEndpointId": "string",
"vendor": "string"
}
{
"_id": "32b6e34b3d91647abb20e7b8",
"arn": "string",
"azureResourceIds": [
"string"
],
"dnsDomain": "string",
"dnsSubDomain": [
"string"
],
"errorMessage": "string",
"interfaceEndpointId": "string",
"interfaceEndpointName": "string",
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"provider": "string",
"providerAccountId": "string",
"region": "string",
"serviceEndpointId": "string",
"state": "string",
"vendor": "string"
}
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}