Thursday, 3 August 2023

MongoDB Security

 MongoDB provides various features, such as authentication, access control, encryption, to secure your MongoDB deployments. Some key security features include:

 

By Default not any authentication enabled in mongoDB env.

1.) Basic authentication like a role based give the privileges/role etc to the user.

2.) Database authentication enabled with the help of below the parameter set in configuration file.

create user with admin role

security.authorization so after enable when you try to login they not permit to execute any command so swith the admin user and login to authenticate user then try.

Login to authenticate user.

> use admin

> db.auth(“TEST”,”tesT123″);

1

> show dbs

Another authentication like SSL/TSL also provide the mongodb i’m giving you some idea how to configure.

For SSL. Generate Certificate > then verify the signature > .cert/pem file allocated to the server the pass the path through ops-manager / CLI also doing this thing > configure with LDAP .. then try to login like this.:

Connection string using LDAP :
mongo –ssl –sslCAFile /var/lib/mongod/cert/TESTca.pem –host $(hostname).$(dnsdomainname) –port 27022 -u “TEST” -p “” –authenticationMechanism ‘PLAIN’ –authenticationDatabase ‘$external’ admin

So security enable is not a part of only DBA involve more teams like . Application/LDAP/Network/Security/DBA

 

For more detail about Security : Click Here

 

No comments: