Creating User Account in MongoDB ~ Atikh's DBA blog

For any database whether it is RDBMS or NoSQL, the user account is a very important aspect and is a must to connect to a database
There are different types of users depending on usage like, admin user account, read-only account, read write only.
Users can be created or added to the database using db.createUser() method available with MongoDB
The db.createUser() method accepts a document object that enables you to specify the username, roles and password for user to be created

Definition of db.createUser() method
db.createUser(user, writeConcern)

Field	Type	Description
User	Document	The document with authentication and access information about user
writeConcern	Document	Optional, the level of writeConcern for creation operation

The user document has the following fields

Field	Type	Description
user	String	The name of the new user
pwd	String	The user password
customData	Document	Optional, any information about user
roles	Array	This defines roles, The roles granted to a user can be an empty array[] to create a user without any roles
AuthenticationRestrictions	Array	Optional, the authentication restrictions the server enforces on the user. Specifies a list of IP addresses and CIDR ranges from which user will be able to connect
Mechanisms	Array	Optional, specify the specific SCRAM mechanism for creating SCRAM user creation
passwordDigester	string	Optional, Indicates whether the server or the client digest the password

Roles
In the role field, you can specify the build-in roles and user-defined roles. You can specify directly role name or in the form of a document as well
i.e.

"readWrite" or {role : "" : db ""}

External Credentials
Users created on $external database should have credentials stored externally to MongoDB
Local database
user can not be created on local database
Examples
Create account with roles assigned

> db.createUser({ user : "tech_owner",

... pwd : "techo!23",

... customData : {user : "blogUser"},

... roles :[{role: "clusterAdmin",

... db : "admin" },

... "readWrite"]}

... );

Successfully added user: {

"user" : "tech_owner",

"customData" : {

"user" : "blogUser"

"roles" : [

{

"role" : "clusterAdmin",

"db" : "admin"

"readWrite"

]

}

Create an account with roles

> db.createUser({ user : "tech_user",

... pwd : "techo!23",

... roles :["readWrite", "dbAdmin"]}

... );

Successfully added user: { "user" : "tech_user", "roles" : [ "readWrite", "dbAdmin" ] }

Create user without any roles

> db.createUser({ user : "tech_wo_roles",

... pwd : "techo!23",

... roles :[]

... }

... );

Successfully added user: { "user" : "tech_wo_roles", "roles" : [ ] }

Listing users created

> db.getUsers();

[

{

"_id" : "techno_db.tech_owner",

"user" : "tech_owner",

"db" : "techno_db",

"customData" : {

"user" : "blogUser"

"roles" : [

{

"role" : "clusterAdmin",

"db" : "admin"

{

"role" : "readWrite",

"db" : "techno_db"

}

"mechanisms" : [

"SCRAM-SHA-1"

]

{

"_id" : "techno_db.tech_user",

"user" : "tech_user",

"db" : "techno_db",

"roles" : [

{

"role" : "readWrite",

"db" : "techno_db"

{

"role" : "dbAdmin",

"db" : "techno_db"

}

"mechanisms" : [

"SCRAM-SHA-1"

]

{

"_id" : "techno_db.tech_wo_roles",

"user" : "tech_wo_roles",

"db" : "techno_db",

"roles" : [ ],

"mechanisms" : [

"SCRAM-SHA-1"

]

}

]

Removing/Dropping User in MongoDB
First list the users using db.getUsers() method and decide which one to drop
then use db.dropUser() method to drop user, this dropUser() method takes username as argument
We will drop tech_wo_roles user

> db.dropUser("tech_wo_roles");

true

If you want to drop all the users if you can user db.dropAllUsers() method.

More will come on MongoDB. follow this space for more and explore more.

Creating User Account in MongoDB

0 comments:

Post a Comment

Author

Categories

Blog Archive

Popular Posts

Labels

Pages