On this page
New in version 2.6.
MongoDB provides a number of built-in roles. However, if these roles cannot describe the desired set of privileges, you can create new roles.
When adding a role, you create the role in a specific database. MongoDB uses the combination of the database and the role name to uniquely define a role.
Except for roles created in the
admin database, a role can only include privileges that apply to its database and can only inherit from other roles in its database.
A role created in the
admin database can include privileges that apply to the
admin database, other databases or to the cluster resource, and can inherit from roles in other databases as well as the
MongoDB stores all role information in the system.roles collection in the
Do not access this collection directly but instead use the role management commands to view and edit custom roles.