Atlas Database Users and/or Roles not working

So frustrated at the moment! I cannot assign a Privilege or Role to my user that limits access to my specific database and collection. The only way for me to see my dev-datasource is to assign readWriteAnyDatabase@admin to my User Name. The problem with this is I can see all datasources (uat-datasource & prod-datasource).

What am I missing?

Hi @Greg_Embry,

On Atlas when you create or update a user you can assign roles to them.

On this screen (I modify a user on my cluster) you can see that there is a small “Add Default Privileges” button.

Click on it and you have access to more built-in roles that restrict access to a namespace (myDatabse.myCollection). Base on your problem you probably need the “readWrite” built-in role.

To be complete. If for specific tasks the built in roles offered are not sufficient you can always create custom roles by following this documentation page.

I hope that answers your problem :grinning:


Thanks for the quick response @Gaetan_MORLET !

Check out the following screenshot. No matter how I monkey with the roles or individual privileges I cannot just see the dev-datasource as the ONLY datasource.

Ok, the problem seems to concern the NoSQLBooster tool more than Atlas.

First of all, for me and the community we will clarify certain points.

  • You have your dev and prod DBs on the same Atlas cluster. True?

  • You want to connect with a user via NoSQLBooster and see only the database and the collection to which he has access (a dev DB). Correct?
    If yes I don’t use this tool so I don’t know how to do it. Maybe someone in the community can help you. On MongoDB Compass this is done automatically, the user sees only what he has access to.

  • Currently, your user can no longer see anything when connected but before with the readWriteAnyDatabase built-in-role he could see all DBs ?
    I think this is because of your custom role. It also depends on the actions that NoSQLBooster needs to display the info.
    You can in my opinion go back to readWrite built-in-role as I mentioned earlier. It has actions like collStats or listIndexes which can be useful for external tools.

So in my opinion the problem comes more from your custom role and NoSQLBooster.

Keep us in touch.

Hi Greg,

Can you confirm if your issue is with administering users via the Atlas UI or using a third party tool (NoSQL Booster is mentioned in your follow-up post).

Atlas is a managed service, so some administrative commands are limited (particularly if your cluster is provisioned on a shared tier like M0/M2/M5) and a few (like user and role management) must be performed via Atlas. Please refer to Unsupported Commands in Atlas for specific details.

Per the Atlas documentation on Adding Database Users:

Atlas rolls back any user modifications not made through the UI or API. You must use the Atlas UI or API to add, modify, or delete database users on Atlas clusters.


Well, thx for the MongoDB Compass mention. I had no idea that it was available. I installed Compass and it all looks good now. :smiley:

Pre-Atlas, I used Robo 3T and I could not connect to Atlas with it. I then came across NoSQLBooster and was able to connect, but still didn’t see the correct results.

So all is good now.

– Thx @Gaetan_MORLET & @Stennie for reaching out!


This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.