Users and roles

The data in Managed Service for MongoDB is handled on behalf of the cluster users. To differentiate user access rights, the role model is used. To assign a user specific access rights for the database, grant them the relevant role in this database.

Database user roles

Standard roles available for any user database.

read

Users granted the read role have read access to all the non-system database collections and the system.js collection. Learn more about this role in the MongoDB documentation.

readWrite

Users granted the readWrite role have read and write access to all the non-system database collections and the system.js collection. Learn more about this role in the MongoDB documentation.

Cluster administrator roles

Roles needed for cluster monitoring and administration. Those roles are assigned for the privileged MongoDB admin database.

mdbMonitor

A role for collecting statistics and monitoring. It grants the following rights to the user:

mdbShardingManager

A role for managing cluster sharding. It grants the following rights to the user: