Navigation
You were redirected from a different version of the documentation. Click here to go back.

Cloud Manager Roles

Cloud Manager roles allow you to grant users different levels of access to Cloud Manager. You can grant a user the privileges needed to perform a specific set of tasks and no more.

To assign user roles, see Edit a User’s or Team’s Role in a Project. You can’t assign your own roles.

Organization Roles

Organization Role Privileges
Organization Owner

An Cloud Manager user with this organization role can:

  • Grants root access to the organization.
  • Grants Project Owner access to all projects in the organization, even if added to a project with a non-Owner role.
  • Use any privilege granted to any organization role.
  • Administer organization settings.
  • Add, edit, or delete users to the organization.
  • Delete the organization.
Organization Project Creator

An Cloud Manager user with this organization role can:

  • Create projects in the organization.
  • Use any privilege granted to the Organization Member role.
Organization Read Only
An Cloud Manager user with this organization role can grant read-only access to everything in the organization, including all projects in the organization.
Organization Member

An Cloud Manager user with this organization role can grant read-only access to the organization (settings, users, and billing) and the projects to which they belong.

Within a project, an Organization Member’s project role sets their project privileges.

A Project User Admin or Owner can add a new Cloud Manager user to a project. This also adds this new Cloud Manager user to that project’s organization.

Organization Billing Admin

An Cloud Manager user with this organization role can:

  • Administer billing information for the organization.
  • Use any privilege granted to the from the Organization Member role.

Project Roles

The following roles grant privileges within a project.

Project Role Privileges
Project Read Only

An Cloud Manager user with this project role can view most project components, including all:

  • Activity
  • Operational data
  • Cloud Manager Users
  • Cloud Manager User roles.

This user can’t modify or delete anything.

Project User Admin

An Cloud Manager user with this project role can:

  • Add an existing Cloud Manager user to a project. If the added user does not currently belong to the organization, the user will be added to the organization as well.
  • Invite a new Cloud Manager user to a project. After the Cloud Manager user accepts the invite, Cloud Manager also adds this user to the organization.
  • Remove an existing project invitation.
  • Deny a user’s request to join a project. This can deny the user access to the project depending on the user’s role in the organization.
  • Remove a user from a project.
  • Modify a user’s role within a project.
Project Data Access Admin

An Cloud Manager user with this project role can:

Project Data Access Read/Write

An Cloud Manager user with this project role can:

Project Data Access Read Only

An Cloud Manager user with this project role can:

Project Monitoring Admin

An Cloud Manager user with this project role can:

  • Use any privilege granted to the Project Read Only role.
  • Administer alerts (create, modify, delete, enable/disable, acknowledge/unacknowledge).
  • Manage hosts (add, edit, delete).
  • Download Monitoring.
Project Backup Admin

An Cloud Manager user with this project role can:

  • Use any privilege granted to the Project Read Only role.
  • Manage backups, including:
    • Starting, stopping, and terminating backups.
    • Requesting restores.
    • Viewing and editing the namespaces filter.
    • Viewing and editing host passwords.
    • Modifying backup settings.
    • Generating SSH keys.
    • Downloading the MongoDB Agent.
Project Automation Admin

An Cloud Manager user with this project role can:

  • Use any privilege granted to the Project Read Only role.
  • View deployments.
  • Provision machines.
  • Edit configuration files.
  • Download the MongoDB Agent.
Project Owner

An Cloud Manager user with this project role can:

  • Use any privilege granted to any of the other project roles.
  • Configure the Backup service.

Note

A user with Organization Owner role has Project Owner access for all projects in the organization, even if added to a project with a non-Owner role.