GET /api/atlas/v2/groups/{groupId}/customDBRoles/roles/{roleName}
Service accounts Digest auth

Returns one custom role for the specified project. To use this resource, the requesting Service Account or API Key must have the Project Read Only role.

Path parameters

  • groupId string Required

    Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.

    NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.

    Format should match the following pattern: ^([a-f0-9]{24})$.

  • roleName string Required

    Human-readable label that identifies the role for the request. This name must be unique for this custom role in this project.

Query parameters

  • envelope boolean

    Flag that indicates whether Application wraps the response in an envelope JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.

    Default value is false.

  • pretty boolean

    Flag that indicates whether the response body should be in the prettyprint format.

    Default value is false.

    Prettyprint

Responses

  • 200 application/vnd.atlas.2023-01-01+json

    OK

    Hide response attributes Show response attributes object
    • actions array[object]

      List of the individual privilege actions that the role grants.

      Privilege action that the role grants.

      Hide actions attributes Show actions attributes object
      • action string Required

        Human-readable label that identifies the privilege action.

        Values are FIND, INSERT, REMOVE, UPDATE, BYPASS_DOCUMENT_VALIDATION, USE_UUID, KILL_OP, BYPASS_DEFAULT_MAX_TIME_MS, CREATE_COLLECTION, CREATE_INDEX, DROP_COLLECTION, ENABLE_PROFILER, KILL_ANY_CURSOR, CHANGE_STREAM, COLL_MOD, COMPACT, CONVERT_TO_CAPPED, DROP_DATABASE, DROP_INDEX, RE_INDEX, RENAME_COLLECTION_SAME_DB, SET_USER_WRITE_BLOCK, BYPASS_USER_WRITE_BLOCK, LIST_SESSIONS, KILL_ANY_SESSION, COLL_STATS, CONN_POOL_STATS, DB_HASH, DB_STATS, GET_CMD_LINE_OPTS, GET_LOG, GET_PARAMETER, GET_SHARD_MAP, HOST_INFO, IN_PROG, LIST_DATABASES, LIST_COLLECTIONS, LIST_INDEXES, LIST_SHARDS, NET_STAT, REPL_SET_GET_CONFIG, REPL_SET_GET_STATUS, SERVER_STATUS, VALIDATE, SHARDING_STATE, TOP, SQL_GET_SCHEMA, SQL_SET_SCHEMA, VIEW_ALL_HISTORY, OUT_TO_S3, OUT_TO_AZURE, OUT_TO_GCS, STORAGE_GET_CONFIG, STORAGE_SET_CONFIG, FLUSH_ROUTER_CONFIG, ENABLE_SHARDING, CHECK_METADATA_CONSISTENCY, MOVE_CHUNK, SPLIT_CHUNK, ANALYZE_SHARD_KEY, REFINE_COLLECTION_SHARD_KEY, CLEAR_JUMBO_FLAG, RESHARD_COLLECTION, SHARDED_DATA_DISTRIBUTION, GET_STREAM_PROCESSOR, CREATE_STREAM_PROCESSOR, PROCESS_STREAM_PROCESSOR, START_STREAM_PROCESSOR, STOP_STREAM_PROCESSOR, DROP_STREAM_PROCESSOR, SAMPLE_STREAM_PROCESSOR, LIST_STREAM_PROCESSORS, LIST_CONNECTIONS, or STREAM_PROCESSOR_STATS.

      • resources array[object]

        List of resources on which you grant the action.

        Namespace to which this database user has access.

        Hide resources attributes Show resources attributes object
        Cluster Resources
        • cluster boolean Required

          Flag that indicates whether to grant the action on the cluster resource. If true, MongoDB Cloud ignores the actions.resources.collection and actions.resources.db parameters.

        • collection string Required

          Human-readable label that identifies the collection on which you grant the action to one MongoDB user. If you don't set this parameter, you grant the action to all collections in the database specified in the actions.resources.db parameter. If you set "actions.resources.cluster" : true, MongoDB Cloud ignores this parameter.

        • db string Required

          Human-readable label that identifies the database on which you grant the action to one MongoDB user. If you set "actions.resources.cluster" : true, MongoDB Cloud ignores this parameter.

    • inheritedRoles array[object]

      List of the built-in roles that this custom role inherits.

      Role inherited from another context for this database user.

      Hide inheritedRoles attributes Show inheritedRoles attributes object
      Built-in MongoDB Roles
      • db string Required

        Human-readable label that identifies the database on which someone grants the action to one MongoDB user.

      • role string Required

        Human-readable label that identifies the role inherited. Set this value to admin for every role except read or readWrite.

        MongoDB Built-In Roles
    • roleName string Required

      Human-readable label that identifies the role for the request. This name must be unique for this custom role in this project.
  • 401 application/json

    Unauthorized.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
  • 403 application/json

    Forbidden.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
  • 404 application/json

    Not Found.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
  • 500 application/json

    Internal Server Error.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
GET /api/atlas/v2/groups/{groupId}/customDBRoles/roles/{roleName} 
atlas api customDatabaseRoles getCustomDbRole --help
import (	"os"	"context"	"log"	sdk "go.mongodb.org/atlas-sdk/v20230201001/admin" ) func main() {	ctx := context.Background()	clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")	clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")	// See https://dochub.mongodb.org/core/atlas-go-sdk-oauth	client, err := sdk.NewClient(sdk.UseOAuthAuth(clientID, clientSecret))	if err != nil {	log.Fatalf("Error: %v", err)	}	params = &sdk.GetGroupCustomDbRoleRoleApiParams{}	sdkResp, httpResp, err := client.CustomDatabaseRolesApi.	GetGroupCustomDbRoleRoleWithParams(ctx, params).	Execute() } 
curl --include --header "Authorization: Bearer ${ACCESS_TOKEN}" \ --header "Accept: application/vnd.atlas.2023-02-01+json" \ -X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/customDBRoles/roles/{roleName}?pretty=true"
curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \ --digest --include \ --header "Accept: application/vnd.atlas.2023-02-01+json" \ -X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/customDBRoles/roles/{roleName}?pretty=true"
Response examples (200) 
{ "actions": [ { "action": "FIND", "resources": [ { "cluster": true, "collection": "string", "db": "string" } ] } ], "inheritedRoles": [ { "db": "string", "role": "string" } ], "roleName": "string" }
Response examples (401) 
{ "error": 401, "detail": "(This is just an example, the exception may not be related to this endpoint)", "reason": "Unauthorized", "errorCode": "NOT_ORG_GROUP_CREATOR" }
Response examples (403) 
{ "error": 403, "detail": "(This is just an example, the exception may not be related to this endpoint)", "reason": "Forbidden", "errorCode": "CANNOT_CHANGE_GROUP_NAME" }
Response examples (404) 
{ "error": 404, "detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS", "reason": "Not Found", "errorCode": "RESOURCE_NOT_FOUND" }
Response examples (500) 
{ "error": 500, "detail": "(This is just an example, the exception may not be related to this endpoint)", "reason": "Internal Server Error", "errorCode": "UNEXPECTED_ERROR" }