MongoDB Best Practices

Mister Baanu
Aug 8, 2017

MongoDB Training by Experts : Best Practices.

When creating new users and assigning them roles:

  • Never share a single user across several applications, even if they all only query the same database.
  • Remember this. We can’t help but emphasize the previous point: one application, one user.
  • In the same manner, one user should only be granted roles and permissions over a single database.
  • Always grant the most restrictive role. If your app only reads from two collections, grant it read-only permission solely over those collections and not over the whole database.
  • Never grant apps the dbAdmin or dbOwner roles. Why in the hell would your app need to create and delete collections or database-wide users?

If your app is someday compromised or hacked, which no one can prevent with 100% certainty, the damage will be minimal as long as you followed the above guidelines to the letter.
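The guidelines above as an added example (not from the original article): it builds the `createRole` and `createUser` command documents for a collection-scoped read-only application user, and audits a user document for the patterns the list warns about. The database, collection, role and user names are constructed for illustration, and the password is a placeholder.

```javascript
// Added example. All names below (inventory, reports_app, ...) are constructed.

// Roles the guidelines say an application user should never hold.
const FORBIDDEN = new Set(["dbAdmin", "dbOwner"]);

// createRole command: "find" on the listed collections only, nothing database-wide.
function readOnlyRole(roleName, dbName, collections) {
  return {
    createRole: roleName,
    privileges: collections.map((c) => ({
      resource: { db: dbName, collection: c },
      actions: ["find"],
    })),
    roles: [], // inherit nothing from other roles
  };
}

// createUser command: one user for one application, one role in one database.
function appUser(userName, password, roleName, dbName) {
  return { createUser: userName, pwd: password, roles: [{ role: roleName, db: dbName }] };
}

// Check a user document (the shape returned by usersInfo) against the guidelines.
function auditUser(user) {
  const findings = [];
  const dbs = new Set(user.roles.map((r) => r.db));
  if (dbs.size > 1) findings.push(`roles span ${dbs.size} databases: ${[...dbs].join(", ")}`);
  for (const r of user.roles) {
    if (FORBIDDEN.has(r.role)) findings.push(`holds ${r.role} on ${r.db}`);
  }
  return findings;
}

// Constructed sample data.
const role = readOnlyRole("reportsRead", "inventory", ["products", "orders"]);
const user = appUser("reports_app", "<password placeholder>", "reportsRead", "inventory");
const overPrivileged = {
  user: "shared_app",
  roles: [{ role: "dbOwner", db: "inventory" }, { role: "readWrite", db: "billing" }],
};

console.log(JSON.stringify(role, null, 2));
console.log(auditUser({ user: user.createUser, roles: user.roles }));
console.log(auditUser(overPrivileged));
```

In mongosh, the two command documents can be passed to `db.getSiblingDB("inventory").runCommand(...)`, the role first and then the user.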

Article Credits : MongoAudit
