Hi Team,
What is command to create user and provide access at collection level.
I know at DB level we can provide as below:
use reporting
db.createUser(
{
user: “reportsUser”,
pwd: “12345678”,
roles: [
{ role: “read”, db: “reporting” },
{ role: “read”, db: “products” },
{ role: “read”, db: “sales” },
{ role: “readWrite”, db: “accounts” }
]
}
)
But if we need provide readwrite access only at certain collection.
Regards,
Vishwanath
Hey @vishwanathk
You will be getting into User Defined Roles if you need that level of authorization validations. Specifically the resource field below
use admin
db.createRole(
{
role: "customRoleName",
privileges: [
{ resource: { db: "test", collection: "one" }, actions: [ "find", "insert" ] }
],
roles: []
}
)
Therefore the follow role will give a user access to the collection called one on the test database, with the ability to only do the find or insert actions.
See the doc for more info.
Create a User defined Role
Privilege Actions
Reasoure Document