Allow an "Any Database" option for actions in custom roles
Much like built-in roles have the ability to target all databases/any database, it would be ideal if collection actions could also target any database. Similarly to how, when adding collection actions to a custom role, if you leave the "collection" field blank, it applies to all collections in the specified DB, it would be great if you could leave the "database" field blank too (or add an "any database" option) and have the actions associated with the role be allowed on any database.
This feature gap creates unnecessary maintenance overhead for clusters with large numbers of databases. This is particularly impactful if databases are added/removed/migrated frequently, creating the need for frequent manual maintenance or some kind of API-based automation to keep the role updated so that the actions can be performed on all databases that currently exist on the cluster.
Chandler
shared this idea
-
Andrea
commented
I agree with this feature request.
-
Paul
commented
Agreed. It is very tedious and error prone to have to create individual custom roles for every database.
I'd add that when assigning the custom role to a user then at that point it can be applied against specific databases. This is how the built in roles currently work and would continue to allow a user to be tied to a single DB, but the extra control of their access rights given by custom roles. All without having to create a separate custom role for each user/db combo.
-
Shane
commented
Seconding what Victor said here. This feature would help us greatly
-
Victor
commented
This is a very much needed feature. Having to maintain a hardcoded list of databases is not scalable.
-
AMARA FLASHER
commented
ok