-
Notifications
You must be signed in to change notification settings - Fork 1.7k
/
security-user-defined-roles.txt
45 lines (32 loc) · 1.21 KB
/
security-user-defined-roles.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
.. _user-defined-roles:
==================
User-Defined Roles
==================
.. default-domain:: mongodb
.. contents:: On this page
:local:
:backlinks: none
:depth: 1
:class: singlecol
.. versionadded:: 2.6
MongoDB provides a number of :doc:`built-in roles
</reference/built-in-roles>`. However, if these roles cannot describe the
desired set of privileges, you can create new roles.
Role Management Interface
-------------------------
To add a role, MongoDB provides the :method:`db.createRole()` method.
MongoDB also provides methods to update existing user-defined roles. For
a full list of role management methods, see
:ref:`role-management-methods`.
Scope
-----
When adding a role, you create the role in a specific database. MongoDB
uses the combination of the database and the role name to uniquely
define a role.
.. include:: /includes/fact-roles-privileges-scope.rst
Centralized Role Data
---------------------
MongoDB stores all role information in the :doc:`system.roles
</reference/system-roles-collection>` collection in the ``admin`` database
Do not access this collection directly but instead use the :ref:`role
management commands <role-management-commands>` to view and edit custom roles.