角色分类 | 角色 | 权限及角色 |
Database User Role | ||
read | CollStats,dbHash,dbStats,find, killCursors,listIndexes, listCollections | |
readWrite | CollStats,ConvertToCapped,CreateCollection, DbHash,DbStats,DropCollection, CreateIndex,DropIndex,Emptycapped, Find,Insert,KillCursors,ListIndexes, ListCollections,Remove,RenameCollectionSameDB,update | |
Database Administration Roles | ||
dbAdmin | collStats,dbHash,dbStats,find,killCursors, listIndexes,listCollections,dropCollection, createCollection, system.profile | |
dbOwner | 角色:readWrite, dbAdmin,userAdmin | |
userAdmin | ChangeCustomData,ChangePassword,CreateRole,CreateUser,DropRole,DropUser,GrantRole,RevokeRole,ViewRole,viewUser | |
Cluster Administration Roles | ||
clusterAdmin | 角色:clusterManager, clusterMonitor, hostManager | |
clusterManager | AddShard,ApplicationMessage,CleanupOrphaned,FlushRouterConfig,ListShards,RemoveShard,ReplSetConfigure,ReplSetGetStatus,ReplSetStateChange,Resync,EnableSharding,MoveChunk,SplitChunk,splitVector | |
clusterMonitor | connPoolStats,cursorInfo,getCmdLineOpts,getLog,getParameter,getShardMap,hostInfo,inprog,listDatabases,listShards,netstat,replSetGetStatus,serverStatus,shardingState,topcollStats,dbStats,getShardVersion | |
hostManager | applicationMessage,closeAllDatabases,connPoolSync,cpuProfiler,diagLogging,flushRouterConfig,fsync,invalidateUserCache,killop,logRotate,resync,setParameter,shutdown,touch,unlock | |
Backup and Restoration Roles | ||
backup | 提供在admin数据库mms.backup文档中insert,update权限列出所有数据库:listDatabases列出所有集合索引:listIndexes对以下提供查询操作:find*非系统集合*系统集合:system.indexes, system.namespaces, system.js*集合:admin.system.users 和 admin.system.roles | |
restore | 非系统集合、system.js,admin.system.users 和 admin.system.roles 及2.6 版本的system.users提供以下权限: collMod,createCollection,createIndex,dropCollection,insert列出所有数据库:listDatabasessystem.users :find,remove,update | |
All-Database Roles | ||
readAnyDatabase | 提供所有数据库中只读权限:read列出集群所有数据库:listDatabases | |
readWriteAnyDatabase | 提供所有数据库读写权限:readWrite列出集群所有数据库:listDatabases | |
userAdminAnyDatabase | 提供所有用户数据管理权限:userAdmin Cluster:authSchemaUpgrade,invalidateUserCache,listDatabases,admin.system.users和admin.system.roles:collStats,dbHash,dbStats,find,killCursors,planCacheRead,createIndex,dropIndex | |
dbAdminAnyDatabase | 提供所有数据库管理员权限:dbAdmin 列出集群所有数据库:listDatabases | |
Superuser Roles | root | 角色:dbOwner,userAdmin,userAdminAnyDatabase,readWriteAnyDatabase, dbAdminAnyDatabase,userAdminAnyDatabase,clusterAdmin |
Internal Role | __system | 集群中对任何数据库采取任何操作 |
MongoDB 角色表
最新推荐文章于 2024-02-25 10:04:13 发布