Reputation: 547
Password protect remove command mongodb
Is there any way to password protect mongodb remove command.
One of my junior did the remove of collection by mistake on production environment. So I want to restrict everyone from using remove command.
Upvotes: 0
Views: 249
Answers (1)
Reputation: 4843
You would need to create custom roles that allow said users only a subset of commands on the database.
For the role to apply to all databases you need to create it on the admin db. Otherwise it is specific for the db it is created on.
For example you could create the following role to allow read/write to documents, but only read to collections and dbs.
use admin
db.runCommand({ createRole: "juniorUser",
privileges: [{
resource: { db: "", collection: "" },
actions: [ "find", "update", "insert", "remove", "createCollection", ]
}],
roles: [
role: "read"
]
})
This creates a new role that inherits from the basic read role and also adds the five privileges. You can find a list of all privileges available here.
Upvotes: 3
Related Questions
- How to protect my mongodb database to be accessed without password?
- what's the easiest way to password protect mongodb database for remote user?
- Shell script for mongo DB authentication
- Sign in with Mongo shell without having password shown?
- Inserting a password in MongoDB
- MongoDB 3.2 - how to pass password from command line?
- MongoDB throws delete message "DELETED_BECAUSE_YOU_DIDNT_PASSWORD_PROTECT_YOUR_MONGODB"
- Can I set a password on a collection
- MongoDb: How to drop a database using shell using authentication?
- .NET implementation of MongoDB remove command