创建用户一定要在具体的db下执行
use admin
Root用户:
db.createUser({user:"root", pwd:“pwd", roles:[{role:"root", db:"admin"}]})(一般不要用这个用户)
仅次于ROOT用户的:
db.createUser({ user:"admin",pwd:"pwd",
roles:[
{role:"clusterAdmin",db:"admin"},
{role:"userAdminAnyDatabase",db:"admin"},
{role:"dbAdminAnyDatabase",db:"admin"},
{role:"readWriteAnyDatabase",db:"admin"}
]})
门管理用户的:
db.createUser({user:"userAdmin", pwd:“pwd", roles:[{role:"userAdminAnyDatabase", db:"admin"}]})
备份用户的:
db.createUser({user:"backup", pwd:" pwd ", roles:[{role:"backup", db:"admin"}]})
恢复用户:
db.createRole({role:"restoreEx", ,privileges:[{resource:{anyResource:true},actions:["anyAction"]}],roles:[{role:"restore", db:"admin"}]})(这个权限开的太大了)
db.createRole({role:‘restoreEx’, ,privileges:[{resource:{db:“config”,collection:“system.sessions”},actions:[‘find’,‘insert’,‘remove’,‘update’]}],roles:[{role:“restore”, db:“admin”}]})(优先这个)
db.adminCommand({ createRole: "restoreEx", privileges: [ { resource: { db: "config", collection: "system.sessions" }, actions: [ "find", "update", "insert", "remove" ] }, ], roles: [ { role: "restore", db: "admin" } ], writeConcern: { w: "majority" , wtimeout: 5000 }})
删除用户:
db.dropUser(“xxx”);
删除角色:
db.dropRole(“‘restoreEx”);
修改密码:
db.changeUserPassword("restore",“pwd")
权限与用户:
db.grantRolesToUser("restore", [{role:"restoreEx",db:"admin"}])
db.revokeRolesFromUser("admin",["restore"])
权限与角色:
db.getRole( "restore", { showPrivileges: true } )
db. grantPrivilegesToRole("restore", [{resource:{db:"config",collection:"system.sessions"},actions:["find","insert","remove","update"]}])
show users:只显示具体某个DB的用户
db.system.users.find():显示的是整个集群里的所有用户
免责声明:
① 本站未注明“稿件来源”的信息均来自网络整理。其文字、图片和音视频稿件的所属权归原作者所有。本站收集整理出于非商业性的教育和科研之目的,并不意味着本站赞同其观点或证实其内容的真实性。仅作为临时的测试数据,供内部测试之用。本站并未授权任何人以任何方式主动获取本站任何信息。
② 本站未注明“稿件来源”的临时测试数据将在测试完成后最终做删除处理。有问题或投稿请发送至: 邮箱/279061341@qq.com QQ/279061341