Docs Menu

Docs HomeMongoDB Cloud Manager

Cloud Manager Roles

On this page

  • Organization Roles
  • Project Roles

Cloud Manager roles allow you to grant users different levels of access to Cloud Manager. You can grant a user the privileges needed to perform a specific set of tasks and no more.

To assign user roles, see Edit a User's or Team's Role in a Project. You can't assign your own roles.

Organization Role
Privileges
Organization Owner

An Cloud Manager user with this organization role can:

  • Grants root access to the organization.

  • Grants Project Owner access to all projects in the organization, even if added to a project with a non-Owner role.

  • Use any privilege granted to any organization role.

  • Administer organization settings.

  • Add, edit, or delete users to the organization.

  • Delete the organization.

Organization Project Creator

An Cloud Manager user with this organization role can:

Organization Read Only
An Cloud Manager user with this organization role can grant read-only access to everything in the organization, including all projects in the organization.
Organization Member

An Cloud Manager user with this organization role can grant read-only access to the organization (settings, users, and billing) and the projects to which they belong.

Within a project, an Organization Member's project role sets their project privileges.

A Project User Admin or Owner can add a new Cloud Manager user to a project. This also adds this new Cloud Manager user to that project's organization.

Organization Billing Admin

An Cloud Manager user with this organization role can:

  • Administer billing information for the organization.

  • Use any privilege granted to the from the Organization Member role.

The following roles grant privileges within a project.

Project Role
Privileges
Project Read Only

An Cloud Manager user with this project role can view most project components, including all:

  • Activity

  • Operational data

  • Cloud Manager Users

  • Cloud Manager User roles.

This user can't modify or delete anything.

Project User Admin

An Cloud Manager user with this project role can:

  • Add an existing Cloud Manager user to a project. If the added user does not currently belong to the organization, the user will be added to the organization as well.

  • Invite a new Cloud Manager user to a project. After the Cloud Manager user accepts the invite, Cloud Manager also adds this user to the organization.

  • Remove an existing project invitation.

  • Deny a user's request to join a project. This can deny the user access to the project depending on the user's role in the organization.

  • Remove a user from a project.

  • Modify a user's role within a project.

Project Data Access Admin

An Cloud Manager user with this project role can:

Project Data Access Read/Write

An Cloud Manager user with this project role can:

Project Data Access Read Only

An Cloud Manager user with this project role can:

Project Monitoring Admin

An Cloud Manager user with this project role can:

  • Use any privilege granted to the Project Read Only role.

  • Administer alerts (create, modify, delete, enable/disable, acknowledge/unacknowledge).

  • Manage hosts (add, edit, delete).

  • Download Monitoring.

Project Backup Admin

An Cloud Manager user with this project role can:

  • Use any privilege granted to the Project Read Only role.

  • Manage backups, including:

    • Starting, stopping, and terminating backups.

    • Requesting restores.

    • Viewing and editing the namespaces filter.

    • Viewing and editing host passwords.

    • Modifying backup settings.

    • Generating SSH keys.

    • Downloading the MongoDB Agent.

Project Automation Admin

An Cloud Manager user with this project role can:

  • Use any privilege granted to the Project Read Only role.

  • View deployments.

  • Provision machines.

  • Edit configuration files.

  • Download the MongoDB Agent.

Project Owner

An Cloud Manager user with this project role can:

  • Use any privilege granted to any of the other project roles.

  • Configure the Backup service.

Note

A user with Organization Owner role has Project Owner access for all projects in the organization, even if added to a project with a non-Owner role.

←  Programmatic Access to Cloud ManagerInvitations to Organizations and Projects →