Minimum permission for using mongodump (to dump a specific db)

Question

We can\'t seem to find any conclusive document on what permissions (user roles) are required to run mongodump on a specific db.

Say I have a db named

Answer 1

Bad memory for me too. But finally figure it out... Actually it's so simple. You just need to add a user with the backup role for mongodump and restore role for mongorestore.

backup role: Provides minimal privileges needed for backing up data. This role provides sufficient privileges to use the MongoDB Cloud Manager backup agent, Ops Manager backup agent, or to use mongodump to back up an entire mongod instance.

restore role: Provides privileges needed to restore data from backups that do not include system.profile collection data. This role is sufficient when restoring data with mongorestore without the --oplogReplay option.

For example, you can create a backup user like this:

> use admin
> db.createUser({
    user: "backupuser",
    pwd: "12345",
    roles: ["backup"]
})