mongo-db
  1. mongo-db-role-management-commands
PreviousNext

Role Management Commands - ( Database and Collection Commands )

In MongoDB, role-based access control (RBAC) is used to determine what actions users can take on a database or collection. In this page, we will discuss the role management commands for databases and collections in MongoDB.

Syntax

Here is the syntax for creating and managing roles in MongoDB:

Create a role

db.createRole({
   role: "role_name",
   privileges: [
      {
         resource: { db: "database_name", collection: "collection_name" },
         actions: [ "action1", "action2", ... ]
      },
      // additional privileges can be added here
   ],
   roles: [
      { role: "role_name2", db: "database_name" },
      // additional roles can be added here
   ]
})

Drop a role

db.dropRole("role_name")

Update a role

db.updateRole("role_name", updateDocument)

Display all roles

db.getRoles()

Example

Here's an example of creating a role in MongoDB:

use test
db.createRole({
   role: "readWrite",
   privileges: [
      {
         resource: { db: "test", collection: "myCollection" },
         actions: [ "find", "update", "insert", "remove" ]
      }
   ],
   roles: []
})

This creates a role called "readWrite" that has privileges to perform find, update, insert, and remove operations on the myCollection collection in the test database.

Output

When you create or update a role, MongoDB returns a document containing information about the role. When you drop a role, MongoDB returns a boolean indicating whether the operation was successful.

When you display all roles with the getRoles() command, MongoDB returns a list of documents containing information about each role.

Explanation

MongoDB provides RBAC to allow administrators to control what actions users can take on a database or collection. Roles consist of privileges and roles - privileges define what can be done, and roles define which users have the role.

The createRole() command is used to create a new role with a name, privileges, and an optional list of roles the new role inherits from. The dropRole() command is used to delete a role. The updateRole() command is used to update a role.

The getRoles() command is used to retrieve a list of all roles defined in the database.

Use

Role management commands are used to set up and maintain RBAC in MongoDB. By creating roles with appropriate privileges, administrators can control what users can do within a database or collection.

Important Points

  • Role management commands are used to create, update, and drop roles in MongoDB.
  • Roles consist of privileges and roles.
  • RBAC can be used to control what actions users can take on a database or collection.

Summary

In this page, we discussed the role management commands for databases and collections in MongoDB. We covered the syntax, example, output, explanation, use, important points, and summary of these commands. By using role management commands, administrators can set up and maintain RBAC to control what users can do within a database or collection.

User Management CommandsReplication Commands
Published on: