Open in app

Sign in

Write

Sign in

Balanced MongoDB Authentication

Gaurav Gandhi
Praemineo
Published in
1 min readFeb 24, 2021

A minimum viable security approach that provides a security layer while maintaining ease of use.

Create root user

This role provides access to all operations on all the resources. You can do anything and everything with this user role on any database. Read more on official documentation.

To create the root user, select admin database and execute create user statement.

use admin;db.createUser(
  {
    user: 'root',
    pwd: 'root@123',
    roles: [ 'root' ]
  }
);

Update Mongo config to enable auth

Edit /etc/mongod.conf and update/add following,

security:
    authorization: "enabled"

Restart MongoDB service

I use the following command on my Ubuntu 20.04 machine, you can find the commands for your system here.

sudo service mongod restart

Auth using admin credentials

use admin;db.auth('root', 'root@123');

Create normal users per DB

This role provides access to all operations on the selected database. Create index, new users, backup, restore, etc. Read more on Official documentation.

To create the dbOwner user, select the database for which you want the user, keep auth database as same as well.

use mydb;db.createUser(
  {
    user: "mydbUser",
    pwd: "mydb@123",
    roles: [ 'dbOwner' ]
  }
);

IMO, this is best the setup to get started with authentication on MongoDB, which provides an optimal balance between security and ease of use.

Mongodb
Authentication
Security
Usability
Getting Started

--

--

Gaurav Gandhi
Praemineo

Written by Gaurav Gandhi

83 Followers
Editor for

10+ yrs exp. in software dev. Highly versatile and adaptable, learns new tech quickly to deliver top-notch results.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams