mongoDB admin 권한 설정방법 How to enable access control for mongo DB



** WARNING: Access control is not enabled for the database.
** Read and write access to data and configuration is unrestricted.
해결방법 Solution
요약 : mongoDB를 설치하면 기본적으로 admin이라는 db가 생성됩니다.
이 admin db에 앞으로 생성할 db와 user를 관리할 수 있는 administrator 계정을 생성합니다.
그리고 나서 administrator 계정을 통해 작업할 db와 그 db에 접근 가능한 user 계정을 만듭니다.
이후 user 계정으로 접속해 db 작업을 진행합니다.
// How to enable access control for  mongo DB
$ mongo
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.10
Server has startup warnings:
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten]
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten]

// db list
> show dbs
admin 0.000GB
local 0.000GB

// Create the User Administrator
> use admin
switched to db admin
> db.createUser (
{
    user: "adminer",
    pwd: "admin1234",
    roles: [{role: "userAdminAnyDatabase", db:"admin"}]
})
Successfully added user: {
    "user" : "adminer",
    "roles" : [
        {
            "role" : "userAdminAnyDatabase",
            "db" : "admin"
        }
    ]
}
> exit
bye

// Create a database and the user of the database
$ mongo
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.10
Server has startup warnings:
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten]
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2018-01-12T09:03:22.199+0900 I CONTROL  [initandlisten]
> use admin
switched to db admin
> db.auth("adminer", "admin1234")
1

// Create "test" database
> use test
switched to db test

// Create the user "tester"
> db.createUser( { user: "tester", pwd: "1234", roles: [ { role: "readWrite", db: "test" } ] } )
Successfully added user: {
    "user" : "tester",
    "roles" : [
        {
            "role" : "readWrite",
            "db" : "test"
        }
    ]
}
> exit
bye

// Connect and authenticate as tester
$ mongo
> use test
switched to db test
> db.auth("tester", "1234")
1

// Create collections and document
>db.foo.insert( { x: 1, y: 1 } )
WriteResult({ "nInserted" : 1 })
> db.foo.find()
{ "_id" : ObjectId("5a5c8f1ce1821d42fd83ba58"), "x" : 1, "y" : 1 }
>

댓글

이 블로그의 인기 게시물

Install pm2 via yarn globally

Install Nginx on Linux