• Organizations and Projects >
• Cloud Manager Roles

Cloud Manager Roles

Cloud Manager roles allow you to grant users different levels of access to Cloud Manager. You can grant a user the privileges needed to perform a specific set of tasks and no more.

To assign user roles, see Edit a User’s or Team’s Role in a Project. You can’t assign your own roles.

Organization Roles

Organization Role	Privileges
Organization Owner	An Cloud Manager user with this organization role can: Grants root access to the organization. Grants Project Owner access to all projects in the organization, even if added to a project with a non-Owner role. Use any privilege granted to any organization role. Administer organization settings. Add, edit, or delete users to the organization. Delete the organization.
Organization Project Creator	An Cloud Manager user with this organization role can: Create projects in the organization. Use any privilege granted to the Organization Member role.
Organization Read Only	An Cloud Manager user with this organization role can grant read-only access to everything in the organization, including all projects in the organization.
Organization Member	An Cloud Manager user with this organization role can grant read-only access to the organization (settings, users, and billing) and the projects to which they belong. Within a project, an Organization Member’s project role sets their project privileges. A Project User Admin or Owner can add a new Cloud Manager user to a project. This also adds this new Cloud Manager user to that project’s organization.

Organization Billing Admin

An Cloud Manager user with this organization role can: Administer billing information for the organization. Use any privilege granted to the from the Organization Member role.

Project Roles

The following roles grant privileges within a project.

Project Role	Privileges
Project Read Only	An Cloud Manager user with this project role can view most project components, including all: Activity Operational data Cloud Manager Users Cloud Manager User roles. This user can’t modify or delete anything.
Project User Admin	An Cloud Manager user with this project role can: Add an existing Cloud Manager user to a project. If the added user does not currently belong to the organization, the user will be added to the organization as well. Invite a new Cloud Manager user to a project. After the Cloud Manager user accepts the invite, Cloud Manager also adds this user to the organization. Remove an existing project invitation. Deny a user’s request to join a project. This can deny the user access to the project depending on the user’s role in the organization. Remove a user from a project. Modify a user’s role within a project.
Project Data Access Admin	An Cloud Manager user with this project role can: Use the Data Explorer. With the Data Explorer, the Cloud Manager user with this role can: View, create, and drop databases, collections, and indexes. View, modify, and delete documents. Use any privilege granted to the Project Read Only role. Kill an operation in the Real Time Performance Panel. View the sample query field values in the Performance Advisor.
Project Data Access Read/Write	An Cloud Manager user with this project role can: Use the Data Explorer. With the Data Explorer, the Cloud Manager user with this role can: View and create databases and collections. View, modify, and delete documents. View indexes. View the sample query field values in the Performance Advisor.
Project Data Access Read Only	An Cloud Manager user with this project role can: View databases, collections, and indexes in the Data Explorer View the sample query field values in the Performance Advisor.
Project Monitoring Admin	An Cloud Manager user with this project role can: Use any privilege granted to the Project Read Only role. Administer alerts (create, modify, delete, enable/disable, acknowledge/unacknowledge). Manage hosts (add, edit, delete). Download Monitoring.
Project Backup Admin	An Cloud Manager user with this project role can: Use any privilege granted to the Project Read Only role. Manage backups, including: Starting, stopping, and terminating backups. Requesting restores. Viewing and editing the namespaces filter. Viewing and editing host passwords. Modifying backup settings. Generating SSH keys. Downloading the MongoDB Agent.
Project Automation Admin	An Cloud Manager user with this project role can: Use any privilege granted to the Project Read Only role. View deployments. Provision machines. Edit configuration files. Download the MongoDB Agent.
Project Owner	An Cloud Manager user with this project role can: Use any privilege granted to any of the other project roles. Configure the Backup service. Note A user with Organization Owner role has Project Owner access for all projects in the organization, even if added to a project with a non-Owner role.

←   Programmatic Access to Cloud Manager Invitations to Organizations and Projects  →

© MongoDB, Inc 2008-present. MongoDB, Mongo, and the leaf logo are registered trademarks of MongoDB, Inc.