1. First, log in with the admin account, then use it to create the user we need.
2. Use the following commands to create a user and assign its roles.
Example 1:
db.createUser({ "user": "test_user", "pwd": "test_user", "roles": [ { "role": "read", "db": "testdb1" }, { "role": "readWrite", "db": "db1" }, { "role": "read", "db": "db2" }, { "role": "readWrite", "db": "testdb2" } ], "mechanisms": [ "SCRAM-SHA-1" ] })
Example 2:
db.dropUser("test_user")
Example 3:
db.createUser({ "user": "test_user", "pwd": "test_user", "roles": [ "readWriteAnyDatabase" ], "mechanisms": [ "SCRAM-SHA-1" ] })
3. The following roles can be assigned.
(1) Database user roles
read: read-only data permissions
readWrite: permission to read and write data
(2) Database management roles
dbAdmin: permission to perform management operations in the current db
dbOwner: permission to take any action in the current db
userAdmin: user administration privileges in the current db
(3) Backup and restore roles
backup
restore
(4) Cross-database roles
readAnyDatabase: read permission on the data in all databases
readWriteAnyDatabase: read and write permission on the data in all databases
userAdminAnyDatabase: user administration privileges on all databases
dbAdminAnyDatabase: database management permissions on all databases
(5) Cluster management roles
clusterAdmin: highest cluster management privileges
clusterManager: permission to manage and monitor the cluster
clusterMonitor: permission to monitor the cluster
hostManager: permission to manage servers
(6) Superuser role
root: superuser
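An added example, not part of the original page: a small JavaScript check that audits a db.createUser() document before it is run, applied to the documents from Example 1 and Example 3. The function name auditUserSpec, the finding labels and the grouping of roles into cross-database and administrative sets are assumptions of this example.

```javascript
// Role groupings chosen for this example from the role list above (assumption).
const CROSS_DB_ROLES = new Set(["readAnyDatabase", "readWriteAnyDatabase",
  "userAdminAnyDatabase", "dbAdminAnyDatabase"]);
const ADMIN_ROLES = new Set(["dbOwner", "userAdmin", "clusterAdmin", "root"]);

// Returns a list of findings for one db.createUser() document.
function auditUserSpec(spec) {
  const findings = [];
  // A password identical to the user name is trivially guessable.
  if (typeof spec.pwd === "string" && typeof spec.user === "string" &&
      spec.pwd.toLowerCase() === spec.user.toLowerCase()) {
    findings.push("password-equals-username");
  }
  // An explicit mechanisms list without SCRAM-SHA-256 pins the user to SHA-1.
  const mechs = spec.mechanisms || [];
  if (mechs.length > 0 && !mechs.includes("SCRAM-SHA-256")) {
    findings.push("no-scram-sha-256");
  }
  for (const r of spec.roles || []) {
    // A role is either a bare string or a { role, db } document.
    const name = typeof r === "string" ? r : r.role;
    if (CROSS_DB_ROLES.has(name)) findings.push("cross-database-role:" + name);
    else if (ADMIN_ROLES.has(name)) findings.push("administrative-role:" + name);
  }
  return findings;
}

// The documents from Example 1 and Example 3 above.
const example1 = {
  user: "test_user", pwd: "test_user",
  roles: [
    { role: "read", db: "testdb1" }, { role: "readWrite", db: "db1" },
    { role: "read", db: "db2" }, { role: "readWrite", db: "testdb2" }
  ],
  mechanisms: ["SCRAM-SHA-1"]
};
const example3 = {
  user: "test_user", pwd: "test_user",
  roles: ["readWriteAnyDatabase"],
  mechanisms: ["SCRAM-SHA-1"]
};

console.log("Example 1:", auditUserSpec(example1));
console.log("Example 3:", auditUserSpec(example3));
```

Example 1 is scoped to named databases, so only the password and mechanism findings apply; Example 3 additionally grants write access to every database.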