MongoDB role-based access control (https://docs.mongodb.com/manual/core/authorization/#role-based-access-control) involves three main factors: role, resource, and rights. In the documentation on security, you see rights referred to as actions, privileges, and also privilege actions. To form a mental picture of a role, picture managing a server. The person who creates users and assigns filesystem rights assumes the administrator role. However, in a small company, this person could also manage the accounting department, and thus also assumes the role of accounting manager.
A resource, in the context of MongoDB security, is most often a database or collection. Resources could also be a server cluster or a built-in resource such as anyResource. The most complicated to understand are rights, thus we begin our discussion with privilege actions.