0、查看用户
// Switch to the database whose users you want to inspect.
use db-xxx
// Lists only the users defined in the current database, not those of other databases.
show users;
1、普通指定数据库读写用户
// The user is created in the current database, which becomes its authentication database.
// The pwd literal is a sample value; in an interactive session (mongo shell 4.2+ or mongosh)
// passwordPrompt() can be passed as pwd so the cleartext is not written into the command
// or a saved script.
db.createUser({
  user: "user",
  pwd: "eKjdklURypdf",
  roles: [
    // readWrite is scoped to db01 only
    { role: "readWrite", db: "db01" }
  ]
})
2、指定数据库管理员并拥有读写权限
// dbAdmin covers administrative work on db01 (indexes, statistics) but does not include
// user or role management; readWrite is added so the same account can also modify data.
db.createUser({
  user: "admin-user",
  pwd: "NtxRwc9",
  roles: [
    { role: "dbAdmin", db: "db01" },
    { role: "readWrite", db: "db01" }
  ]
})
3、用户可以读所有数据库,读写指定数据库
// readAnyDatabase is a built-in role that must be granted on the admin database.
// It gives this account read access well beyond db01, so grant it only where that is intended.
db.createUser({
  user: "user03",
  pwd: "uskkugsm",
  roles: [
    { role: "readAnyDatabase", db: "admin" },
    { role: "readWrite", db: "db01" }
  ]
})
4、普通指定数据库只读
// The account is created in bucketadm, so clients authenticate against bucketadm,
// while the read role itself applies to db01.
// NOTE(review): confirm bucketadm (rather than db01) is the intended authentication database.
use bucketadm
db.createUser({
  user: "xxxxuser-read",
  pwd: "m8rexxxxxxxxxx",
  roles: [
    { role: "read", db: "db01" }
  ]
})
5、mongodb免交互
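# Non-interactive session: the commands are fed to the shell through a here-document.
# The here-document must be closed by a line containing only EOF, otherwise the calling
# shell keeps reading the rest of the script as input to mongo.
# The root password is embedded in cleartext, so restrict read access to any file that holds
# this snippet, and prefer a less privileged account when listing databases is all that is needed.
mongo --host rs0/192.168.86.10:27017,192.168.86.10:27018,192.168.86.10:27019 <<EOF
use admin;
db.auth("root","rootPassw0rd");
show dbs;
exit;
EOF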
6、1个用户授权多个数据库权限
// The account is created in admin (its authentication database) and receives a different
// role per database: write access to clearml-backend, read-only access to clearml-auth.
use admin
db.createUser({
  user: "clearml-user",
  pwd: "xxx",
  roles: [
    { role: "readWrite", db: "clearml-backend" },
    { role: "read", db: "clearml-auth" }
  ]
})
7、删除用户
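// db.removeUser() has been deprecated (since MongoDB 2.6) in favour of db.dropUser().
// Run it from the user's authentication database, i.e. the database that was current
// when the user was created.
db.dropUser('cleanpolicy-user')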
8、创建dbOwner权限的用户
// dbOwner combines readWrite, dbAdmin and userAdmin on cleanpolicy, so this account can also
// create users and grant roles in that database; use a narrower role if that is not needed.
use cleanpolicy
db.createUser({
  user: "cleanpolicy-user",
  pwd: "cicdxxxxx",
  roles: [
    { role: "dbOwner", db: "cleanpolicy" }
  ]
})
9、更新密码
// Run from the user's authentication database. The new password is a literal sample value;
// interactively, passwordPrompt() (mongo shell 4.2+ or mongosh) can be passed instead.
db.changeUserPassword(
  "usertest",
  "changepass"
);
10、指定账号访问指定db的指定collection,以用户duanshuaixing访问db01的test这个collection为例
##创建用户
// The account is created in db01 with an empty roles list, so it can authenticate
// but holds no privileges until a role is granted.
use db01
db.createUser({
  user: "duanshuaixing",
  pwd: "duanshuaixing-password",
  roles: []
})
##创建自定义角色
// Custom role created in the current database (db01, per the `use db01` earlier in this section).
// Its single privilege is limited to the db01.test collection and the four listed actions.
db.createRole({
  role: "duanshuaixing-db01-customRole",
  privileges: [
    {
      resource: { db: "db01", collection: "test" },
      actions: ["find", "insert", "update", "remove"]
    }
  ],
  // no inherited roles
  roles: []
})
##给指定用户授予自定义角色
// A bare role name refers to a role defined in the current database.
db.grantRolesToUser(
  "duanshuaixing",
  ["duanshuaixing-db01-customRole"]
)
##查看role
// Lists the roles of the current database.
db.getRoles()
// showPrivileges adds the role's privileges to the output, which helps when auditing
// what an account can actually do.
db.getRole(
  "duanshuaixing-db01-customRole",
  { showPrivileges: true }
)
## 删除role
// Dropping the role removes its privileges from every user that holds it.
// w: "majority" waits until a majority of replica-set members acknowledge the change.
db.dropRole(
  "duanshuaixing-db01-customRole",
  { w: "majority" }
)