One crucial aspect of MongoDB administration is user management (create, update, delete users) which permits us to control access to the databases and ensure data security. We will walk through creating a user in MongoDB in this particular article with different options. Alongside this, we will also learn to drop those users from MongoDB.
1. Create a user with ‘user’ and ‘pwd’ options
The createUser() is the method for creating the user in MongoDB. We provide the basic structure of the createUser() method below to create the user.
# Creating user with ‘user’ and ‘pwd’ options
db.createUser(
{
user: "user1",
pwd: "1234",
roles: [ ]
}
);
Here, we create a new user for the default database test in MongoDB through the createUser() method with the username user1 and the password 1234which are set to the user and pwd parameters, respectively. However, the code doesn’t specify any roles for the user, so the user won’t have any specific privileges or access rights by default.
The user is created without any error under the specific password.
2. Create a user with a ‘roles’ option
As earlier, we set the roles option empty. Now, we set the roles option below to define certain privileges for the specific user.
# Creating user with a ‘roles’ option
db.createUser(
{
user: "sam",
pwd: "Sam21",
roles:[{role: "userAdmin" , db:"student"}]})
Here, we employed the createUser() method which takes the user, pwd, and roles parameters which create a new user named sam with the password Sam21 and assign the userAdmin role to the user for the student database. The built-in userAdmin role in MongoDB provides administrative rights for managing users, including establishing and handling users, roles, and privileges. Since we assigned this role to the ‘sam’ user for the ‘student’ database, the user has administrative control over user management operations.
Hence, the user is created as shown in the following output with specific privileges.
3. Create a user with multiple ‘roles’ options
Moreover, we can assign more than one role for the specific user. The sample query of assigning two different roles for one user is provided below.
# Creating user with multiple ‘roles’ options
db.createUser(
{
user: "harry",
pwd: "h155y",
roles:[
{
role: "read" , db:"student"},
{
role: "readWrite" , db:"users"}
]
})
The createUser() method here creates a new user named harry with the password h155y. We assigned two roles for the particular user: read for the student database and readWrite for the users database. The read role enables the user to examine the data in the designated database but cannot modify it or add new documents. On the other hand, the readWrite role gives the user read and write access, enabling them to browse, customize, and add documents in the designated database.
Now, the new user is created for the specific databases as the output is generated an ok: 1 message.
4. Create an admin user with specific roles
However, we can create an administrative user with specific privileges to manage users and databases effectively.
# Creating admin user with specific roles
use admin
db.createUser(
{
user: "NewAdmin",
pwd: "admin5555",
roles: [ { role: "readWrite", db: "config" },
"clusterAdmin"
]
}
);
Here, we first switch to the admin database using the use admin command and create a new user NewAdmin with the password admin5555 using the createUser() method. Then, the defined user is assigned two roles. The readWrite role enables you to read and write to the database config. Secondly, the clusterAdmin role which is a built-in role in MongoDB that provides administrative privileges for cluster-wide operations. Now, the user can use it to handle a variety of administrative activities relevant to the overall MongoDB cluster.
The admin user is successfully added to the assigned databases.
5. Drop existing users
Using the dropUser() method below, a user account, together with the credentials and privileges attached to it will be removed from the given database.
# Usage of dropUser() method
db.dropUser("harry")
Here, the dropUser() method is passed to the user harry to delete it and revoke all associated privileges granted to that user within the current database.
The output message represents that the user is now removed.
6. Conclusion
In conclusion, we have outlined the ways to create users under specific privileges or without privileges in MongoDB. Now, we can make sure that the data is secure and authentic by carefully establishing user roles and access rights.
More details about this topic can be found here.
Related Articles
- Most Useful Basic MongoDB Commands
- Using MongoDB Index Explained
- List Databases in MongoDB
- MongoDB Interview Questions
- Check MongoDB Version
- Node.js Using Express.js with MongoDB
- MongoDB Create Database & Collection
- MongoDB updateOne() method Explained
- Using Mongoose Module with MongoDB
- MongoDB Client Tools (Interact with MongoDB)
- Using MongoDB Index Explained
- MongoDB Schema
- MongoDB vs MySQL Differences