'Creating a user gives it admin permissions everywhere
I'm trying to create a user that only has read / write permissions for a specific database, but when logging in as the new user, it has permissions to create users, modify everything, etc.
> use testdb
< 'switched to db testdb'
> db.createUser({
user: 'testuser',
pwd: 'totallysecurepassword',
roles: [{
role: 'readWrite', db: 'testdb'
}]
})
< { ok: 1 }
> db.getUser('testuser')
< {
_id: 'testdb.testuser',
userId: UUID("1896349f-c17c-4755-9918-ea9977b98331"),
user: 'testuser',
db: 'testdb',
roles: [ { role: 'readWrite', db: 'testdb' } ],
mechanisms: [ 'SCRAM-SHA-1', 'SCRAM-SHA-256' ]
}
I'm not sure what I'm doing wrong, and I'm 100% sure I'm logging in as the correct user.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|