How to restrict access to Replica Set Database


I have configured a mongo DB with replicaSet clustering 3 servers ( 1 primary and 2 secondary). This is working pretty much good and my only concern is after configure the replicaSet I am able to access / connect the mongo DB without replicaset. When pushing the data how can I restrict the access to the DB with mandatory replicaset name. If is not the exact same replicaSet name metioned, it should drop the connection. Currently without provide any replicaset also I am able to connect and push data.

I am a beginner in replicaSet configuration and really dont know actually is that a security problem or not.

Hello @Sreejith_G, welcome to the MongoDB Community forum.

Currently without provide any replicaset also I am able to connect and push data

You can connect to your replica-set using the Connection String URI for replica-set. When you use this URI format, you will specify the replica-set members and the replica-set name in the URI. This will let you connect to the replica-set and perform the database operations like reading, writing, etc.

MongoDB Security is the topic you should get familiar with as this has all the features to secure your deployment. The two main aspects of the security are the Authentication and the Authorization.

When you Deploy a Replica Set it is without access control (restrictions to access the database resources). To deploy a replica set with access control enabled, Deploy Replica Set With Keyfile Authentication. Since you already have a replica set deployed, see Update Replica Set to Keyfile Authentication.