How To Enable MongoDB Sharded Cluster Authorization

Once MongoDB is installed, by default, authentication is not enabled, users can login without specifying user name / password. Authorization is extremely important for security and needs to be enabled.

The following steps must be followed in order for enabling authorization (Server Centos Linux 7, MongoDB version 3.2):

You may also want to read the below article.

Deploy Sharded Cluster with Keyfile Access Control on Red Hat Enterprise Linux or CentOS Linux

Step 1: Create a Key File for Enabling Authorization

First, a key file is created with openssl. This file will be used for connection and communication between servers.

Step 2: Copy Key File To Other Servers

This created file is copied to the corresponding directory of all servers. The key file on all servers must be the same.

Step 3: Restart Mongod and Mongos with Parameters

All mongod and mongos operations are restarted using this keyfile. The commands are given the parameter –keyfile <file_path>. Below are sample commands for example mongod (config, shard) and mongos (router) operations.

Step 4: Create Administration Account

The next step in enabling authorization is to create an administrator account.

Step 6: Check Status of the Account

The status of the user can be seen with the following command.

Step 7: Check MongoDB Authorization

The next mongos login requires authorization, otherwise you will get an error.

Emre Gazioğlu
Author: Emre Gazioğlu

Leave a Reply

Your email address will not be published. Required fields are marked *