This is a request for a new built-in role that includes the following:

• Ability to read and write data to any database (excluding ability to directly modify system.users, system.roles). i.e. readWriteAnyDatabase
• Ability to enable sharding on a database and ability to shard collections.

... but excludes the following:

• Ability to create, edit, delete users
• Ability to add/remove shard
• Ability to modify the replica set configuration (including add/remove member, change priorities, etc.)