Docs Menu
Docs Home
/
Atlas
/
Configure Security Features
/
Authentication

Built-In Roles and Privileges

Roles and Privileges Overview

This page describes the Atlas built-in roles and the MongoDB Roles they represent. Refer to Built-In Roles for a full description of the privilege actions that each role includes.

To learn more about common commands that Atlas doesn't support with the current Atlas user privileges, see Unsupported Commands in M10+ Clusters

About Protected MongoDB Database Namespaces

We discourage writing to the admin, local, and config databases. Atlas manages multiple collections in these databases.

atlasAdmin has the update privilege on the config.settings collection to manage the balancer.

Built-in Roles and Inherited Privileges

Atlas Built-in Role
MongoDB Role
Inherited Roles or Privilege Actions
Atlas admin
atlasAdmin

This role allows you to use setQuerySettings, removeQuerySettings, and $querySettings.

analyzeShardKey
autoCompact
backup
checkMetadataConsistency
cleanupOrphaned
clearJumboFlag
clusterMonitor
compact
dbAdminAnyDatabase
enableSharding
flushRouterConfig
killAnyCursor
moveChunk
querySettings
readWriteAnyDatabase
refineCollectionShardKey
reshardCollection
shardedDataDistribution
splitChunk
viewRole
Read and write to any database

readWriteAnyDatabase

readWriteAnyDatabase

Only read any database

readAnyDatabase

readAnyDatabase

backup

backup

backup

clusterMonitor

clusterMonitor

clusterMonitor

dbAdmin

dbAdmin

dbAdmin

dbAdminAnyDatabase

dbAdminAnyDatabase

dbAdminAnyDatabase

enableSharding

enableSharding

enableSharding

read

read

read

readWrite

readWrite

readWrite

readWriteAnyDatabase

readWriteAnyDatabase

readWriteAnyDatabase

readAnyDatabase

readAnyDatabase

readAnyDatabase

killOpSession
inprog
killop
killAnySession
killCursors
listSessions
autoCompact

autoCompact

manageShardBalancer
find
insert
update

Operation also supports timeseries collections.

Operation supported on config.settings.

Back

Database Users

Next

Custom Database Roles

On this page