In Atlas a user has the atlasAdmin role which includes the clusterMonitor built-in role. When the user executes the db.hostInfo() command it fails with user not authorized. I also tried explicitly granting specifc roles and granted the clusterMonitor role and it still fails. We have a utility mongopush designed for moving data to Atlas but the utility executes hostInfo() and is failing.
Any ideas how to resolve? Thanks for your help.
More info:
db.getUser("jim")
{
"_id" : "admin.jim",
"user" : "jim",
"db" : "admin",
"roles" : [
{
"role" : "atlasAdmin",
"db" : "admin"
}
]
db.getRole("atlasAdmin")
{
"role" : "atlasAdmin",
"db" : "admin",
"isBuiltin" : false,
"roles" : [
{
"role" : "readWriteAnyDatabase",
"db" : "admin"
},
{
"role" : "dbAdminAnyDatabase",
"db" : "admin"
},
{
"role" : "enableSharding",
"db" : "admin"
},
{
"role" : "backup",
"db" : "admin"
},
{
"role" : "clusterMonitor",
"db" : "admin"
}
],
after authentication with id jim:
db.hostInfo()
{
"ok" : 0,
"errmsg" : "(Unauthorized) not authorized on admin to execute command { hostInfo: 1.0, lsid: { id: {4 [11 198 184 131 248 89 75 112 189 220 204 129 89 78 100 9]} }, $clusterTime: { clusterTime: {1622729629 3}, signature: { hash: {0 [109 208 131 205 113 140 115 176 19 181 213 62 131 104 106 127 185 153 173 100]}, keyId: 6968235905458896896.000000 } }, $db: \"admin\" }",
"code" : 8000,
"codeName" : "AtlasError"
}
What is yur cluster type? Free or paid?
There are restrictions on free tier clusters
From doc:
M0
Free Tier and M2
/ M5
shared starter clusters don’t support read or write operations on the admin
database
I’m on the free tier. The unsupported command list doesn’t mention hostInfo but I suspect the tier is the problem. I’ll have access to a higher tier very soon and will try there. Thanks for your reply.
Hi @Jim_Fletcher,
I’m on the free tier. The unsupported command list doesn’t mention hostInfo but I suspect the tier is the problem.
Yes, the unauthorized message you received running db.hostInfo()
is due to the command being run on a Free / shared tier cluster (M0
and M2/M5
).
The hostInfo command must be run against the admin
database. However, M0
free clusters and M2
/ M5
shared clusters don’t support read or write operations on the admin
database as per the Unsupported Commands in M0/M2/M5
Clusters documentation.
I will be raising a request to have this stated more explicitly.
Hope this helps.
Jason