How To Enable MongoDB Sharded Cluster Authorization

By default, a newly installed MongoDB does not have authentication enabled, so users can log in without specifying a user name or password. Authorization is extremely important for security and needs to be enabled.

The following steps must be followed to enable authorization (server: CentOS Linux 7, MongoDB version 3.2):

You may also want to read the article below.

Deploy Sharded Cluster with Keyfile Access Control on Red Hat Enterprise Linux or CentOS Linux

Step 1: Create a Key File for Enabling Authorization

First, a key file is created with openssl. The servers in the cluster use this file when they connect to and communicate with each other.

Step 2: Copy Key File To Other Servers

The key file is then copied to the corresponding directory on every server. The key file must be identical on all servers.

Step 3: Restart Mongod and Mongos with Parameters

All mongod and mongos processes are restarted using this key file. Each command is given the parameter --keyFile <file_path>. Below are sample commands for example mongod (config, shard) and mongos (router) processes.

Step 4: Create Administration Account

The next step in enabling authorization is to create an administrator account.

Step 6: Check Status of the Account

The status of the user can be seen with the following command.

Step 7: Check MongoDB Authorization

The next mongos login requires authorization; otherwise, you will get an error.
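
Steps 1 to 3 as an added shell example, not code from the original article: it generates a key file with openssl, checks it against the rules MongoDB documents for key files (6 to 1024 base64 characters, no group or world permissions), and prints a SHA-256 fingerprint so the copies on other servers can be compared without displaying the key. The function names and any paths passed to them are assumptions.

```shell
#!/bin/sh
# Added example for Steps 1-3; function names and paths are assumptions.

# Step 1: write a random base64 key that only the owner can read.
make_keyfile() {
    ( umask 077 && openssl rand -base64 756 > "$1" ) || return 1
    chmod 400 "$1"
}

# Return 0 only if the file meets MongoDB's documented keyfile rules.
check_keyfile() {
    kf=$1
    [ -f "$kf" ] || { echo "missing: $kf" >&2; return 1; }
    # mongod rejects a keyfile with any group or world permission bits.
    mode=$(stat -c '%a' "$kf" 2>/dev/null || stat -f '%Lp' "$kf") || return 1
    case "$mode" in
        [0-7]00) ;;
        *) echo "permissions too open ($mode): $kf" >&2; return 1 ;;
    esac
    # Whitespace is ignored by MongoDB, so strip it before checking content.
    key=$(tr -d '[:space:]' < "$kf") || return 1
    case "$key" in
        *[!A-Za-z0-9+/=]*) echo "non-base64 characters: $kf" >&2; return 1 ;;
    esac
    if [ "${#key}" -lt 6 ] || [ "${#key}" -gt 1024 ]; then
        echo "key length ${#key} outside 6..1024: $kf" >&2; return 1
    fi
}

# Step 2: fingerprint to compare copies across servers without showing the key.
keyfile_fingerprint() {
    { sha256sum "$1" 2>/dev/null || shasum -a 256 "$1"; } | cut -d' ' -f1
}

# Step 3: each mongod/mongos is then restarted with --keyFile <file_path>.
# Validate every path given on the command line and print its fingerprint.
for path in "$@"; do
    check_keyfile "$path" && echo "ok  $(keyfile_fingerprint "$path")  $path"
done
```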
