1.3 KiB
1.3 KiB
config the root role of mongodb
refer to http://www.server110.com/mongodb/201705/89462.html
$ mongo
> show dbs
> use admin
> db.createUser({
user: "root",
pwd: "root",
roles: [ { role: "userAdminAnyDatabase", db: "admin" }]
}
)
use test
db.createUser(
{
user: "tester",
pwd: "xyz123",
roles: [ { role: "readWrite", db: "test" },
{ role: "read", db: "reporting" } ]
}
)
roles:
readWrite
read
readAnyDatabase 任何数据库的只读权限
readWriteAnyDatabase 任何数据库的读写权限
userAdminAnyDatabase 任何数据库用户的管理权限
dbAdminAnyDatabase 任何数据库的管理权限
role
- 数据库用户角色:read、readWrite;
- 数据库管理角色:dbAdmin、dbOwner、userAdmin;
- 集群管理角色:clusterAdmin、clusterManager、clusterMonitor、hostManager;
- 备份恢复角色:backup、restore;
- 所有数据库角色:readAnyDatabase、readWriteAnyDatabase、userAdminAnyDatabase、dbAdminAnyDatabase
- 超级用户角色:root
// 这里还有几个角色间接或直接提供了系统超级用户的访问(dbOwner 、userAdmin、userAdminAnyDatabase) - 内部角色:__system
add this config into /etc/mongod.config
security:
authorization: enabled