Custom Roles

The customDBRoles resource lets you retrieve, create and modify the custom roles in your cluster. Use custom roles to specify custom sets of actions which cannot be described by the built-in Atlas database user privileges.

Custom roles cannot use actions unavailable to any cluster version in your project. Custom roles are defined at the project level, and must be compatible with each MongoDB version used by your project's clusters.

Custom roles in your project must include actions that all of your clusters support.

Beaker IconExample

You can't create custom roles that use actions introduced in MongoDB 4.0 if your project contains MongoDB 3.6 clusters.

Beaker IconExample

If you have a cluster in your project with MongoDB 3.6, you cannot create a custom role that uses actions introduced in MongoDB 4.0.

Info With Circle IconCreated with Sketch.Note

Groups and projects are synonymous terms. Your {GROUP-ID} is the same as your project ID. For existing groups, your group/project ID remains the same. The resource and corresponding endpoints use the term groups.

Info With Circle IconCreated with Sketch.Note

The Custom Roles resource supports a subset of MongoDB privilege actions. Further, the custom role actions available in the API represent a subset of actions available in the Atlas UI. For a complete list of privilege actions available in the Custom Roles resource, see Custom Role Actions.

GET/groups/{GROUP-ID}/customDBRoles/rolesGet all custom roles in the project.
GET/groups/{GROUP-ID}/customDBRoles/roles/{ROLE-NAME}Get the custom role named {ROLE-NAME}.
POST/groups/{GROUP-ID}/customDBRoles/rolesCreate a new custom role in the project.
PATCH/groups/{GROUP-ID}/customDBRoles/roles/{ROLE-NAME}Update a custom role in the project.
DELETE/groups/{GROUP-ID}/customDBRoles/roles/{ROLE-NAME}Delete a custom role from the project.
Give Feedback