There are three primary roles, discussed in Chapter 11, Administering MongoDB Security, that allow the assigned database user to perform database administration:
- dbAdmin: Please refer to https://docs.mongodb.com/manual/reference/built-in-roles/#dbAdmin.
- dbOwner: Please refer to https://docs.mongodb.com/manual/reference/built-in-roles/#dbOwner.
- dbAdminAnyDatabase: Please refer to https://docs.mongodb.com/manual/reference/built-in-roles/#dbAdminAnyDatabase.
Their abilities include operations such as gathering statistics, running queries, and managing indexes, all the way up to dropping the database.
It should be noted, however, that if the database is dropped, a database-specific user (for example, a user assigned either dbAdmin or dbOwner) would cease to exist, and accordingly, their rights would also no longer apply.
In this mongo shell script example, a user, biglittle_owner, is created...