[英]MongoDB: Which permissions are needed for a user to create a database?
We need to create a special role that will allow only the following actions: 我们需要创建一个特殊角色,该角色将仅允许以下操作:
Which MongoDB roles are needed to create a database? 创建数据库需要哪些MongoDB角色? It is not written anywhere in the documentation here https://docs.mongodb.com/manual/reference/built-in-roles/ and it doesn't seem there is a known role which can perform this task 它没有写在这里的文档中的任何地方https://docs.mongodb.com/manual/reference/built-in-roles/似乎没有一个已知的角色可以执行此任务
I think readWrite
is the role you need. 我认为readWrite
是您需要的角色。 I tried what follows: 我尝试了以下操作:
admin
db using an administrative user 使用管理用户连接到我的admin
数据库 aaa
user, defined on admin
db, with a password and two roles: readWrite
on (not existent) database xxx
and dbAdmin
on (not existent) database yyy
创建一个新aaa
用户,定义admin
数据库,用密码和两个角色: readWrite
上(不存在)的数据库xxx
和dbAdmin
上(不存在)数据库yyy
admin
db using aaa
user 使用aaa
用户连接到admin
数据库 So I tried to insert a document in a test
collection in both xxx
and yyy
databases: 因此,我尝试在xxx
和yyy
数据库中的test
集合中插入文档:
use xxx
db.test.insert({})
with response Inserted 1 record(s) in 2ms 有反应在2毫秒内插入1条记录
use yyy
db.test.insert({})
with response not authorized on yyy to execute command ... 响应未授权yyy执行命令...
The error message refers to the fact that aaa
can't execute insert
into test
: database creation happens at the time of the first insert, so you need readWrite
role in order to make the first insert
==> create the database. 该错误消息表示aaa
无法在test
执行insert
:数据库创建是在第一次插入时发生的,因此您需要具有readWrite
角色才能进行第一次insert
==>创建数据库。
I hope the approach I adopted to check the question can help you resolving your problem. 我希望我采用的检查问题的方法可以帮助您解决问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.