Oplog Operations Permissions Level

I’m trying use commands related to Oplog operations.
Currently these are db.getReplicationInfo and db.collection.watch

In my local (simple setup without authorization) replica set it works fine.
But connecting to a Atlas setup I’ve got

MongoError: not authorized on test to execute command

Event escalating user role upto dbAdminAnyDatabase doesn’t solve the problem.
As I understand there should be role similar to

in Atlas but my admin says he can’t find anything like that.

So what might be the solution?

Could it be because of connection over mongodb+srv scheme. Should it be connected directly to PRIMARY node instead to run Oplog based commands?

And in general what is the way to find out required permissions level / user role to execute specific command?

Thank you.

Actually the link above is to clusterAdmin role description.

What is your cluster type?Free or paid?
There are restrictions on free tier Atlas clusters

Ah! Maybe this is really the point. I’ll check.
Thank you very much.

And if this is really my case is there any options fo workaround for development debugging purposes?

Maybe some emulation/mock tools on Atlas level or disable the restriction to just only one single collection?

You should be able to do this with read access on the local database https://docs.atlas.mongodb.com/reference/atlas-oplog/ but note that the modern way to do this is with change streams

1 Like