Articles → MONGODB → Built-In Roles In Mongodb

Built-In Roles In Mongodb

This article explains MongoDB's built-in roles.

Database Users

The following roles can be assigned to a database user: -

read → A user with the read role can read data from the database but cannot modify it. This includes querying collections and reading their contents.
readWrite → A user with the readWrite role can read and write data. This includes querying collections, inserting new documents, updating existing records, and deleting records.

The following roles can be assigned for database administration: -

dbAdmin → A user with the dbAdmin role can create, delete, and modify indexes, collect database statistics, view database profiling information, and execute administrative commands.
userAdmin → A user with the userAdmin role can create, modify, and manage users and their roles within a specific database.
dbOwner → A user with the dbOwner role has full administrative access to a specific database.

The following roles can be assigned as all-database roles: -

readAnyDatabase → A user with the readAnyDatabase role can read data from all databases except the local and config databases.
readWriteAnyDatabase → A user with the readWriteAnyDatabase role can read and write data across all databases except the local and config databases.
userAdminAnyDatabase → A user with the userAdminAnyDatabase role can manage users and their roles across all databases.
dbAdminAnyDatabase → A user with the dbAdminAnyDatabase role can perform administrative tasks across any database. These tasks include creating and modifying indexes, gathering database statistics, and running administrative commands.

ClusterAdmin → The user with the ClusterAdmin role manages cluster-wide administrative tasks and settings.
ClusterManager → The user with the ClusterManager role oversees sharding and replica set configurations.
ClusterMonitor → The user with the ClusterMonitor role has read-only access to monitoring and diagnostic tools.
HostManager → The user with the HostManager role manages server operations, including starting and stopping the server.

The user with the Backup/Restore role has the privileges required to back up data.

DbOwner (admin) → Manages all administrative functions for their database, including user management.
UserAdmin (admin) → Manages users and roles within the admin database
UserAdminAnyDatabase → Manages users and roles across all databases in the MongoDB instance.
Root → Has full access to all administrative and operational functions across the MongoDB instance.

Query/Feedback