MongoDB privileges and roles for a certain method

I find the privileges and roles section of the document to be less explicit than I would hope it to be.

Specific example:
I have a sharded cluster (with replica sets). In the sharded cluster I have a database named XDB that has a collection named YCOLL. The collection is a GridFS collection, so we see collections YCOLL.chunks and YCOLL.files.

I would llike to create a roled named ZROLE, and a user named WUSER. I know how to create the user and grant the role to the user. I would like the user to be able to perform this action: db.YCOLL.chunks.getShardDistribution ()

https://docs.mongodb.com/manual/reference/method/db.collection.getShardDistribution/

With db.grantPrivilegesToRole() https://docs.mongodb.com/manual/reference/method/db.grantPrivilegesToRole
I can grant an action to the role ZROLE. How do I know which action to grant to the role, to allow the user to do a getShardDistribution ?

Hello @Jacques_Kilchoer, welcome to the community.

collStats is the command previously used to get the details of the getShardDistribution (see this: https://jira.mongodb.org/browse/SERVER-44892). But, its changed to $collStats, an aggregation stage. I am guessing that the related action for getShardDistribution is collStats.

1 Like

Thank you so much. I will try that action. From your answer, I’m guessing that there is no easy (or documented) way to know which action correpsonds to any particular method?

Me too :slightly_smiling_face:. For now documentation is good enough, I think. We can probe in these forums as questions arise.