Least permission for DataLake user

We have read access on underlying Clusters’s db and datalake’s DB . access runs fine on underlying clusters but getting an error ( not authorized on DB to execute command) while retriving the data from dataLake ?

Hey @Dasharath_Dixit, thanks for reaching out and apologies for the delayed response.

When you say “Data Lake” here, are you referring to creating a “Pipeline” to make a copy of your cluster data for analytic purposes or are you referring to our Federated Query Engine product now called Atlas Data Lake. This transition was made at MongoDB World in June.

For Atlas Data Lake your “Atlas User” needs to have Project Admin in order to create a pipeline.

For Data Federation, your “Database User” needs to have access to the database and collection name in the Federated Database Instance just as it would in an Atlas Cluster.

A couple of things to check if you are getting an unauthorized error querying in Shell or Compass would be if the Database user is “Scoped” to only have access to the cluster even though it has the same overall role. In Atlas there is a scoping section where you can restrict which resources (i.e. Clusters or Federated Database Instances) a “Database User” has access to.

If this doesn’t help, feel free to reach out to me at benjamin.flast@mongodb.com, I’m happy to setup some time to quickly identify the issue here.


1 Like

|### Dasharath Dixit|2:37 PM (0 minutes ago)||

to Benjamin


Hello Benjamin,

I was referring the Federated Query Engine here. let me check with an option which you mention and get back to you.


Hey Dasharath,

I wanted to follow up here and see if you were able to resolve this issue?


hey @Benjamin_Flast

this issue got resolve for me after we provide the readanydatabase on admin DB underneath collections’s node .

not sure how it related