Navigation

Custom Roles

The customDBRoles resource lets you retrieve, create and modify the custom roles in your cluster. Use custom roles to specify custom sets of actions which cannot be described by the built-in Atlas database user privileges.

Custom roles cannot use actions unavailable to any cluster version in your project. Custom roles are defined at the project level, and must be compatible with each MongoDB version used by your project’s clusters.

Custom roles in your project must include actions that all of your clusters support.

Example

You can’t create custom roles that use actions introduced in MongoDB 4.0 if your project contains MongoDB 3.6 clusters.

Example

If you have a cluster in your project with MongoDB 3.6, you cannot create a custom role that uses actions introduced in MongoDB 4.0.

Note

Groups and projects are synonymous terms. Your {GROUP-ID} is the same as your project ID. For existing groups, your group/project ID remains the same. The resource and corresponding endpoints use the term groups.

Note

The Custom Roles resource supports a subset of MongoDB privilege actions. Further, the custom role actions available in the API represent a subset of actions available in the Atlas UI. For a complete list of privilege actions available in the Custom Roles resource, see Custom Role Actions.

Base URL: https://cloud.mongodb.com/api/atlas/v1.0

Method Endpoint Description
GET /groups/{GROUP-ID}/customDBRoles/roles Get all custom roles in the project.
GET /groups/{GROUP-ID}/customDBRoles/roles/{ROLE-NAME} Get the custom role named {ROLE-NAME}.
POST /groups/{GROUP-ID}/customDBRoles/roles Create a new custom role in the project.
PATCH /groups/{GROUP-ID}/customDBRoles/roles/{ROLE-NAME} Update a custom role in the project.
DELETE /groups/{GROUP-ID}/customDBRoles/roles/{ROLE-NAME} Delete a custom role from the project.