Shulou(Shulou.com)05/31 Report--

This article shows you how to create mongodb users and roles to use, the content is concise and easy to understand, can definitely make your eyes bright, through the detailed introduction of this article, I hope you can learn something.

I. Mongodb internal roles

1. Database user role

Read-permissions to read database objects

ReadWrite-read and modify database object permissions

two。 Database management role

DbAdmin-role of performing administrative tasks

DbOwner-the owner of the database, which can operate on all database operations

UserAdmin-create and modify roles and user functions on the current database

3. Cluster management role

ClusterAdmin-Cluster administrator

ClusterManager-manage clustering and monitoring

ClusterMonitor-Monitoring clusters and read-only access

HostManager-Monitoring and managing server function

4. Backup recovery role

Backup-minimum permissions for backing up data

Restore-restore permissions

5. All database roles

ReadAnyDatabase-read only all database roles

ReadWriteAnyDatabase-read and write all databases

UserAdminAnyDatabase-same access to user management operations for all databases except local

DbAdminAnyDatabase-the same permissions for all databases except local

6. Superuser role

Root-provide all resources readWriteAnyDatabase,dbAdminAnyDatabase,userAdminAnyDatabase,clusterAdmin,restore,backup

7. Internal role

_ _ system-provides permission to perform any operation on any object in the database

two。 Custom role

1. Custom role format

{role: ", privileges: [{resource: {}, actions: [",...]},...], roles: [{role: ", db:"} |",...], authenticationRestrictions: [{clientSource: ["|",...], serverAddress: ["|" ...]},...]}

two。 Custom roles (add, delete, change and query all tables in config library, update, insert and delete usersCollection tables in users library, and have search permissions for all databases)

> use adminswitched to db admin > db.createRole ({role: "wuhan123",-- role name privileges: [{resource: {db: "config", collection: ""}, actions: ["find", "update", "insert", "remove"]}, {resource: {db: "users", collection: "usersCollection"}, actions: ["update", "insert") "remove"]}, {resource: {db: ", collection:"}, actions: ["find"]}], roles: [{role: "read", db: "admin"}]}) >

3. List and delete roles

> db.getRole ("wuhan123")-displays individual role information (wuhan123 is the role name) {"role": "wuhan123", "db": "admin", "isBuiltin": false, "roles": [{"role": "read", "db": "admin"}], "inheritedRoles": [{"role": "read" "db": "admin"} > db.getRoles ()-displays all roles in the current library [{"role": "wuhan123", "db": "admin", "isBuiltin": false "roles": [{"role": "read", "db": "admin"}] "inheritedRoles": [{"role": "read", "db": "admin"}]}] > db.dropRole ("wuhan123") -- deleting roles true > db.dropAllRoles ();-- deleting all roles NumberLong (1) >

three。 Create users and use roles

1. Create user format

{user: ", pwd:", customData: {}, roles: [{role: ", db:"} |",...], authenticationRestrictions: [{clientSource: ["|",...] ServerAddress: ["|",...]},...], mechanisms: [",...], passwordDigestor:"}

two。 Create user usage roles

> use tong-- enter the database switched to db tong > db.createUser (. {... User: "u_tong",-- specify the user name. Pwd: "system123",-- specify the password. Roles: ["readWrite", "dbAdmin"]-- use roles in the database.}) Successfully added user: {"user": "u_tong", "roles": ["readWrite", "dbAdmin"]} >

two。 Create a user-specified source IP and destination IP

> use tongswitched to db tong > db.createUser ({user: "u1_tong",-- username pwd: "system123",-- password roles: [{role: "readWrite", db: "tong"}],-- role authenticationRestrictions: [{clientSource: ["192.168.1.10"] -- client IP serverAddress: ["192.168.1.20"]-- Server IP}]}) >

3. View and delete users

> db.getUsers () -- View all users of the current database [{"_ id": "tong.u1_tong", "user": "u1_tong", "db": "tong", "roles": [{"role": "readWrite", "db": "tong"}], "mechanisms": ["SCRAM-SHA-1", "SCRAM-SHA-256"]}, {"_ id": "tong.u_tong" "user": "u_tong", "db": "tong", "roles": [{"role": "readWrite", "db": "tong"}, {"role": "dbAdmin", "db": "tong"}], "mechanisms": ["SCRAM-SHA-1", "SCRAM-SHA-256"]}] > db.getUser ("u_tong") -- View the specified user {"_ id": "tong.u_tong", "user": "u_tong", "db": "tong", "roles": [{"role": "readWrite" "db": "tong"}, {"role": "dbAdmin", "db": "tong"}], "mechanisms": ["SCRAM-SHA-1" "SCRAM-SHA-256"]} > db.dropUser ("u_tong") -- Delete a single user true > db.dropAllUsers ();-- Delete all users of the current library NumberLong (1) >

4. Delegate roles to users

> db.grantRolesToUser ("u_tong", ["readWrite", {role: "read", db: "tong"}], >) the above content is how to create mongodb users and role usage. Have you learned any knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.