From 7159dbf4b566a0787053c8aae731c28b19d44b83 Mon Sep 17 00:00:00 2001
From: Angela <angelashu103@gmail.com>
Date: Tue, 8 Apr 2025 16:21:00 -0400
Subject: [PATCH 1/3] clarify required permissions

---
 source/connecting/onprem-to-atlas.txt         |  8 ++--
 ...able-permissions-atlas-onprem-to-atlas.rst | 25 +++++++++++
 ...ermissions-self-hosted-onprem-to-atlas.rst | 42 +++++++++++++++++++
 3 files changed, 71 insertions(+), 4 deletions(-)
 create mode 100644 source/includes/table-permissions-atlas-onprem-to-atlas.rst
 create mode 100644 source/includes/table-permissions-self-hosted-onprem-to-atlas.rst

diff --git a/source/connecting/onprem-to-atlas.txt b/source/connecting/onprem-to-atlas.txt
index f551b83d9..52cb2e2ba 100644
--- a/source/connecting/onprem-to-atlas.txt
+++ b/source/connecting/onprem-to-atlas.txt
@@ -45,13 +45,13 @@ Roles
 
 .. include:: /includes/fact-permissions-body.rst
 
-The self-managed permissions are:
+The self-managed permissions for the source cluster are:
 
-.. include:: /includes/table-permissions-self-hosted.rst
+.. include:: /includes/table-permissions-self-hosted-onprem-to-atlas.rst
 
-The Atlas permissions are:
+The Atlas permissions for the destination cluster are:
 
-.. include:: /includes/table-permissions-atlas.rst
+.. include:: /includes/table-permissions-atlas-onprem-to-atlas.rst
 
 Behavior
 --------
diff --git a/source/includes/table-permissions-atlas-onprem-to-atlas.rst b/source/includes/table-permissions-atlas-onprem-to-atlas.rst
new file mode 100644
index 000000000..d0a26871a
--- /dev/null
+++ b/source/includes/table-permissions-atlas-onprem-to-atlas.rst
@@ -0,0 +1,25 @@
+..
+   Comment: The nested lists need blank lines before and after each list
+            plus extra indents 
+
+.. list-table::
+   :header-rows: 1
+   :stub-columns: 1
+   :widths: 15 20 20
+
+   * - Sync Type
+     - Required Destination Permissions
+
+   * - Default
+     - - atlasAdmin
+       - :authaction:`bypassWriteBlockingMode`
+       
+   * - Dual write-blocking, reversing, or multiple reversals
+     - - atlasAdmin
+       - :authaction:`bypassWriteBlockingMode`
+
+For details on Atlas roles, see: :atlas:`Built-In Roles and Privileges
+</mongodb-users-roles-and-privileges/>`.
+
+To update Atlas user permissions, see:
+:atlas:`Manage Access to a Project </access/manage-project-access/>`.
\ No newline at end of file
diff --git a/source/includes/table-permissions-self-hosted-onprem-to-atlas.rst b/source/includes/table-permissions-self-hosted-onprem-to-atlas.rst
new file mode 100644
index 000000000..441ecba15
--- /dev/null
+++ b/source/includes/table-permissions-self-hosted-onprem-to-atlas.rst
@@ -0,0 +1,42 @@
+..
+   Comment: The nested lists need extra indents.  Keep roles in alphabetic
+            order.
+
+.. list-table::
+   :header-rows: 1
+   :stub-columns: 1
+   :widths: 20 40 40
+
+   * - Sync Type
+     - Required Source Permissions
+
+   * - Default
+     - - :authrole:`backup`
+       - :authrole:`clusterMonitor`
+       - :authrole:`readAnyDatabase`
+
+   * - Dual Write-Blocking
+     - - :authrole:`backup`
+       - :authrole:`clusterManager`
+       - :authrole:`clusterMonitor`
+       - :authrole:`readWriteAnyDatabase`
+       - :authrole:`restore``
+
+   * - Reversing
+     - - :authrole:`backup`
+       - :authrole:`clusterManager`
+       - :authrole:`clusterMonitor`
+       - :authrole:`readWriteAnyDatabase`
+       - :authrole:`restore`
+
+   * - Multiple Reversals
+     - - :authrole:`backup`
+       - :authrole:`clusterManager`
+       - :authrole:`clusterMonitor`
+       - :authrole:`dbAdminAnyDatabase`
+       - :authrole:`readWriteAnyDatabase`
+       - :authrole:`restore`
+
+For details on server roles, see: :ref:`authorization`.
+
+To update user permissions, see: :dbcommand:`grantRolesToUser`.
\ No newline at end of file

From 2caa97cb66e1ab1f36e7bd9eb6db7df125a38b78 Mon Sep 17 00:00:00 2001
From: Angela <angelashu103@gmail.com>
Date: Wed, 9 Apr 2025 09:57:21 -0400
Subject: [PATCH 2/3] fix build errors

---
 source/includes/table-permissions-atlas-onprem-to-atlas.rst     | 2 +-
 source/includes/table-permissions-atlas.rst                     | 2 +-
 .../includes/table-permissions-self-hosted-onprem-to-atlas.rst  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/source/includes/table-permissions-atlas-onprem-to-atlas.rst b/source/includes/table-permissions-atlas-onprem-to-atlas.rst
index d0a26871a..3c83f6c76 100644
--- a/source/includes/table-permissions-atlas-onprem-to-atlas.rst
+++ b/source/includes/table-permissions-atlas-onprem-to-atlas.rst
@@ -5,7 +5,7 @@
 .. list-table::
    :header-rows: 1
    :stub-columns: 1
-   :widths: 15 20 20
+   :widths: 15 20
 
    * - Sync Type
      - Required Destination Permissions
diff --git a/source/includes/table-permissions-atlas.rst b/source/includes/table-permissions-atlas.rst
index 95f3859cf..151cc8aa0 100644
--- a/source/includes/table-permissions-atlas.rst
+++ b/source/includes/table-permissions-atlas.rst
@@ -5,7 +5,7 @@
 .. list-table::
    :header-rows: 1
    :stub-columns: 1
-   :widths: 15 20 20
+   :widths: 15 20
 
    * - Sync Type
      - Required Source Permissions
diff --git a/source/includes/table-permissions-self-hosted-onprem-to-atlas.rst b/source/includes/table-permissions-self-hosted-onprem-to-atlas.rst
index 441ecba15..7bc2835ac 100644
--- a/source/includes/table-permissions-self-hosted-onprem-to-atlas.rst
+++ b/source/includes/table-permissions-self-hosted-onprem-to-atlas.rst
@@ -20,7 +20,7 @@
        - :authrole:`clusterManager`
        - :authrole:`clusterMonitor`
        - :authrole:`readWriteAnyDatabase`
-       - :authrole:`restore``
+       - :authrole:`restore`
 
    * - Reversing
      - - :authrole:`backup`

From c7ccc43d67135582b380d025b3685198c9522777 Mon Sep 17 00:00:00 2001
From: Angela <angelashu103@gmail.com>
Date: Wed, 9 Apr 2025 10:18:40 -0400
Subject: [PATCH 3/3] fix build log

---
 source/includes/table-permissions-atlas-onprem-to-atlas.rst    | 1 -
 source/includes/table-permissions-atlas.rst                    | 2 +-
 .../includes/table-permissions-self-hosted-onprem-to-atlas.rst | 3 +--
 3 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/source/includes/table-permissions-atlas-onprem-to-atlas.rst b/source/includes/table-permissions-atlas-onprem-to-atlas.rst
index 3c83f6c76..68fb73d87 100644
--- a/source/includes/table-permissions-atlas-onprem-to-atlas.rst
+++ b/source/includes/table-permissions-atlas-onprem-to-atlas.rst
@@ -4,7 +4,6 @@
 
 .. list-table::
    :header-rows: 1
-   :stub-columns: 1
    :widths: 15 20
 
    * - Sync Type
diff --git a/source/includes/table-permissions-atlas.rst b/source/includes/table-permissions-atlas.rst
index 151cc8aa0..95f3859cf 100644
--- a/source/includes/table-permissions-atlas.rst
+++ b/source/includes/table-permissions-atlas.rst
@@ -5,7 +5,7 @@
 .. list-table::
    :header-rows: 1
    :stub-columns: 1
-   :widths: 15 20
+   :widths: 15 20 20
 
    * - Sync Type
      - Required Source Permissions
diff --git a/source/includes/table-permissions-self-hosted-onprem-to-atlas.rst b/source/includes/table-permissions-self-hosted-onprem-to-atlas.rst
index 7bc2835ac..6c49483a4 100644
--- a/source/includes/table-permissions-self-hosted-onprem-to-atlas.rst
+++ b/source/includes/table-permissions-self-hosted-onprem-to-atlas.rst
@@ -4,8 +4,7 @@
 
 .. list-table::
    :header-rows: 1
-   :stub-columns: 1
-   :widths: 20 40 40
+   :widths: 20 40
 
    * - Sync Type
      - Required Source Permissions