Required Access

MongoDB Compass users require specific privileges to access various Compass features if authentication/authorization is enforced on the connected MongoDB instance.

The following table lists the privileges required to access the features as well as the built-in roles that can provide these privileges:

Compass View	Capability	Privilege(s)	MongoDB Built-In Role
Home/MongoDB Instance	View performance	`dbStats` `getCmdLineOpts` `inprog` `serverStatus` `top`	`clusterMonitor`
Database	Create a Database	`createCollection`	`readWrite`
Database	Drop a Database	`dropDatabase`	`dbAdmin`
Collection	Create a Collection	`createCollection`	`readWrite`
Collection	Drop a Collection	`dropCollection`	`readWrite`
Schema	Query/View a Schema	`find`	`read`
Documents	Query/View a Document	`find`	`read`
Documents	Clone, insert, update, delete a document	`find` `insert` `update` `remove`	`readWrite`
Indexes	View an index	`listIndexes`	`read`
Indexes	Create, drop an index	`createIndex` `dropIndex`	`readWrite`
Explain Plan	Query/View a query plan	`find`	`read`
Validation	View rules	`listCollections`	`read`
Validation	Update rules	`collMod`	`dbAdmin`

Note

The built-in roles may provide more access than required. You can also create a User-Defined Roles on Self-Managed Deployments to grant specific privileges.

Back

Export with the CLI

Disconnect