MongoDB Best Practices
Aug 8, 2017
MongoDB Training by Experts: Best Practices.
When creating new users and assigning them roles:
- Never share a single user across several applications, even if they only query the same database.
- We cannot emphasize the previous point enough: one application, one user.
- In the same manner, one user should only be granted roles and permissions over a single database.
- Always grant the most restrictive role. If your app only reads from two collections, grant it a read-only permission solely over those collections, not over the whole database.
- Never grant apps the dbAdmin or dbOwner roles. Why in the hell would your app need to create and delete collections or database-wide users?
In the event that some day your app gets compromised or hacked — which no one can rule out completely — the damage will be minimal as long as you followed the above guidelines to the letter.
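As an added example (not code from the original post), the following JavaScript builds the two MongoDB command documents that implement the guidelines above for one application: a custom role that can only run `find` on two named collections of one database, and a user that holds nothing but that role. It also includes a small audit function that flags the three things the post warns against: a user shared between applications, roles spanning more than one database, and the dbAdmin/dbOwner roles. The database, collection, user and role names (shopdb, products, orders, inventory_app, inventoryReader) and the application names are constructed placeholders.

```javascript
// Added example, not code from the original post: build least-privilege
// MongoDB role and user definitions for one application on one database,
// and audit a proposed createUser document against the guidelines above.
// All names below (shopdb, products, orders, inventory_app, ...) are constructed.

// Built-in roles the post says an application must never hold.
const FORBIDDEN_APP_ROLES = new Set(["dbAdmin", "dbOwner"]);

// A custom role that may only run `find` on the listed collections of one
// database. This is the document shape MongoDB's createRole command takes:
// each privilege is { resource: { db, collection }, actions: [...] }.
function buildReadOnlyRole(dbName, roleName, collections) {
  if (!collections.length) throw new Error("a role needs at least one collection");
  return {
    createRole: roleName,
    privileges: collections.map((coll) => ({
      resource: { db: dbName, collection: coll },
      actions: ["find"],
    })),
    roles: [], // inherits nothing from any built-in role
  };
}

// One user, one application, one database: the user is created in dbName
// and granted only the custom role defined in that same database.
function buildAppUser(dbName, userName, roleName, password) {
  return {
    createUser: userName,
    pwd: password,
    roles: [{ role: roleName, db: dbName }],
  };
}

// Audit a createUser document before running it. `existingAssignments`
// maps user name -> application already using that user (constructed
// inventory). Returns a list of violations; an empty list means it passes.
function auditAppUser(userDoc, appName, existingAssignments = {}) {
  const violations = [];
  const owner = existingAssignments[userDoc.createUser];
  if (owner && owner !== appName) {
    violations.push(`user ${userDoc.createUser} is already used by ${owner}`);
  }
  const dbs = new Set(userDoc.roles.map((r) => r.db));
  if (dbs.size > 1) {
    violations.push(`roles span several databases: ${[...dbs].join(", ")}`);
  }
  for (const r of userDoc.roles) {
    if (FORBIDDEN_APP_ROLES.has(r.role)) {
      violations.push(`forbidden role ${r.role} on ${r.db}`);
    }
  }
  return violations;
}

// Usage: pass these documents to db.runCommand(...) in mongosh while connected
// as an administrative user to the application's database (shopdb here).
const inventoryRole = buildReadOnlyRole("shopdb", "inventoryReader", ["products", "orders"]);
const inventoryUser = buildAppUser("shopdb", "inventory_app", "inventoryReader", "<password-placeholder>");
const inventoryAudit = auditAppUser(inventoryUser, "inventory-service", {});
```

The role is deliberately built from explicit collection-level `find` privileges rather than the built-in `read` role, because `read` covers every collection in the database; the audit function is what you would run in a provisioning script or CI check so that a user definition carrying dbAdmin, dbOwner, or roles on a second database never reaches the server.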
Article Credits: MongoAudit
