Docs Menu
Docs Home
/
MongoDB Cluster-to-Cluster Sync
/

User Permissions

On this page

  • Self-Managed Clusters
  • Atlas Clusters

The user specified in the mongosync connection string must have the required permissions on the source and destination clusters. The permissions vary depending on your environment and if you want to run a write-blocking or reverse sync.

The self-managed permissions are:

Sync Type
Required Source Permissions
Required Destination Permissions
Default
  • backup

  • clusterMonitor

  • readAnyDatabase

Write-blocking
Reversing

For details on server roles, see: Role-Based Access Control.

To update user permissions, see: grantRolesToUser.

The Atlas permissions are:

Sync Type
Target
Required Permissions
default
source cluster
  • atlasAdmin

  • backup

default
destination cluster
  • atlasAdmin

write-blocking or reversing
source cluster
  • atlasAdmin

  • backup

  • bypassWriteBlockMode privilege

write-blocking or reversing
destination cluster
  • atlasAdmin

  • backup

  • bypassWriteBlockMode privilege

For details on Atlas roles, see: Atlas User Roles.

To update Atlas user permissions, see: Manage Access to a Project.

← Logging