Creating and assigning custom roles
In this recipe, we will look at how to create a custom role and assign it to users. We will also have a quick look at how to add roles to and revoke roles from a user.
Getting ready
You will need a standard MongoDB installation. Additionally, we will continue from the previous recipe, where we had created a database user and assigned it a built-in role.
How to do it...
- Connect to the mongod instance using the mongo shell and authenticate as superuser:
use admin db.auth('superadmin', 'supasecret')
- Switch to
mydband create a new role:
use mydb db.createRole( { role: "InsertAndReadOnly", privileges: [ { actions: [ "find", "insert" ], resource: { db: "mydb", collection: "mockdata" } } ], roles: [] } )
- Use the
db.getRole()command to view the newly created role:
db.getRole('InsertAndReadOnly' , { showPrivileges: true })- You should see an output similar to this:
{ "role" : "InsertAndReadOnly", "db" : "mydb", "isBuiltin...
